urlscan.io logo urlscan.io
SecurityTrails logo

www.refa.net Open in urlscan Pro
18.179.98.218  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://refa.net/
Effective URL: https://www.refa.net/
Submission: On April 25 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 84 IPs in 12 countries across 57 domains to perform 271 HTTP transactions. The main IP is 18.179.98.218, located in Tokyo, Japan and belongs to AMAZON-02, US. The main domain is www.refa.net.
TLS certificate: Issued by Amazon RSA 2048 M03 on June 5th 2024. Valid for: a year.
This is the only time www.refa.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 79 18.179.98.218 16509 (AMAZON-02)
2 2404:6800:400... 15169 (GOOGLE)
3 172.217.25.163 15169 (GOOGLE)
6 2404:6800:400... 15169 (GOOGLE)
4 182.22.24.252 23816 (YAHOO Yah...)
8 142.250.196.100 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2406:2600:4::2e 55569 (CRITEO-AS...)
2 23.42.117.131 16625 (AKAMAI-AS)
3 18.172.30.90 16509 (AMAZON-02)
1 172.217.26.226 15169 (GOOGLE)
1 138.113.138.164 54994 (ML-1432-5...)
1 2600:9000:282... 16509 (AMAZON-02)
4 157.240.31.5 32934 (FACEBOOK)
1 199.232.148.157 54113 (FASTLY)
1 23.192.193.157 20940 (AKAMAI-AS...)
14 2600:9000:21b... 16509 (AMAZON-02)
1 202.232.238.39 2497 (IIJ Inter...)
2 3 2406:2600:4::b 55569 (CRITEO-AS...)
1 172.66.0.227 13335 (CLOUDFLAR...)
1 162.159.140.229 13335 (CLOUDFLAR...)
1 147.92.191.92 38631 (LINE LINE...)
1 182.161.74.11 55569 (CRITEO-AS...)
1 3 18.182.218.121 16509 (AMAZON-02)
7 14 142.251.222.34 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
4 182.22.30.204 23816 (YAHOO Yah...)
1 183.79.48.249 24572 (YAHOO-JP-...)
6 142.251.42.168 15169 (GOOGLE)
1 216.239.34.178 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
3 182.161.74.16 55569 (CRITEO-AS...)
1 3.164.121.106 16509 (AMAZON-02)
7 142.251.222.3 15169 (GOOGLE)
10 157.240.31.35 32934 (FACEBOOK)
2 2600:140b:1a0... 20940 (AKAMAI-AS...)
1 6 2620:1ec:33:1... 8075 (MICROSOFT...)
5 172.217.161.66 15169 (GOOGLE)
2 202.239.3.249 23816 (YAHOO Yah...)
1 4 2600:1901:0:d... 396982 (GOOGLE-CL...)
2 2600:140b:160... 20940 (AKAMAI-AS...)
2 34.49.1.209 396982 (GOOGLE-CL...)
1 3 35.244.159.8 396982 (GOOGLE-CL...)
3 207.65.34.80 62713 (AS-PUBMATIC)
1 3 103.43.89.4 29990 (ASN-APPNEX)
1 202.233.84.8 131957 (MICROAD M...)
1 35.75.254.126 16509 (AMAZON-02)
2 4 35.213.7.90 19527 (GOOGLE-2)
2 2 35.213.17.49 19527 (GOOGLE-2)
1 107.178.248.96 396982 (GOOGLE-CL...)
1 4 69.173.158.64 26667 (RUBICONPR...)
3 124.146.153.162 2514 (INFOSPHER...)
1 13.114.11.148 16509 (AMAZON-02)
2 141.226.231.48 200478 (TABOOLA-A...)
1 52.197.229.214 16509 (AMAZON-02)
1 203.137.133.151 4694 (IDCF IDC ...)
2 172.188.170.32 8075 (MICROSOFT...)
1 2 35.201.98.24 396982 (GOOGLE-CL...)
1 119.63.198.176 38627 (BAIDUJP B...)
1 18.172.52.72 16509 (AMAZON-02)
1 2600:1f10:4ce... 14618 (AMAZON-AES)
1 2 142.250.198.6 15169 (GOOGLE)
2 3 142.251.42.134 15169 (GOOGLE)
2 2620:1ec:bdf::46 8075 (MICROSOFT...)
5 7 54.64.75.156 16509 (AMAZON-02)
2 3.165.18.96 16509 (AMAZON-02)
1 2600:1901:0:2... 396982 (GOOGLE-CL...)
3 142.250.207.34 15169 (GOOGLE)
1 1 3.114.66.39 16509 (AMAZON-02)
1 34.98.64.218 396982 (GOOGLE-CL...)
1 4 104.18.26.193 13335 (CLOUDFLAR...)
1 2 172.217.26.230 15169 (GOOGLE)
3 4.153.129.168 8075 (MICROSOFT...)
1 2 103.43.91.17 29990 (ASN-APPNEX)
1 18.172.52.116 16509 (AMAZON-02)
1 35.244.154.8 396982 (GOOGLE-CL...)
1 23.222.96.30 16625 (AKAMAI-AS)
1 52.195.109.1 16509 (AMAZON-02)
1 23.106.127.170 59253 (LEASEWEB-...)
1 23.48.117.105 16625 (AKAMAI-AS)
1 2600:140b:1c0... 20940 (AKAMAI-AS...)
1 2 35.71.178.8 16509 (AMAZON-02)
1 74.118.186.107 6336 (TURN-US-ASN)
1 2 52.231.230.148 8075 (MICROSOFT...)
1 4 52.223.40.198 16509 (AMAZON-02)
3 202.232.238.37 2497 (IIJ Inter...)
1 1 54.168.99.99 16509 (AMAZON-02)
271 84
79    18.179.98.218 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
refa.net
www.refa.net
2    2404:6800:4004:825::200a (Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    172.217.25.163 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s13-in-f163.1e100.net
fonts.gstatic.com
6    2404:6800:4004:825::2008 (Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    182.22.24.252 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)
s.yjtag.jp
s.yimg.jp
b92.yahoo.co.jp
8    142.250.196.100 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f4.1e100.net
www.google.com
2    2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2406:2600:4::2e (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
2    23.42.117.131 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-42-117-131.deploy.static.akamaitechnologies.com
js.fout.jp
3    18.172.30.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-30-90.nrt20.r.cloudfront.net
cd.ladsp.com
1    172.217.26.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bom05s09-in-f2.1e100.net
www.googleadservices.com
1    138.113.138.164 (Canada)

ASN54994 (ML-1432-54994, CA)
d-cache.microad.jp
1    2600:9000:2828:2800:1e:513c:d3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
taj1.ebis.ne.jp
4    157.240.31.5 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-nrt1.fbcdn.net
connect.facebook.net
1    199.232.148.157 (Amsterdam, Netherlands)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    23.192.193.157 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-192-193-157.deploy.static.akamaitechnologies.com
d.line-scdn.net
14    2600:9000:21b5:b200:7:2bfb:7c00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.tiqcdn.com
1    202.232.238.39 (Nishikichō, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
cnt.fout.jp
3    2406:2600:4::b (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    172.66.0.227 (United States)

ASN13335 (CLOUDFLARENET, US)
t.co
1    162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)
analytics.twitter.com
1    147.92.191.92 (Japan)

ASN38631 (LINE LINE Corporation, JP)
tr.line.me
1    182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
mug.criteo.com
3    18.182.218.121 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-218-121.ap-northeast-1.compute.amazonaws.com
px.ladsp.com
14    142.251.222.34 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s72-in-f2.1e100.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
3    2404:6800:4004:80c::2002 (Australia)

ASN15169 (GOOGLE, US)
td.doubleclick.net
4    182.22.30.204 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)
b97.yahoo.co.jp
b99.yahoo.co.jp
1    183.79.48.249 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)
am.yahoo.co.jp
6    142.251.42.168 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f8.1e100.net
www.googletagmanager.com
1    216.239.34.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2404:6800:4008:c05::9c (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
sslwidget.criteo.com
dis.criteo.com
1    3.164.121.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-164-121-106.nrt12.r.cloudfront.net
um.ladsp.com
7    142.251.222.3 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f3.1e100.net
www.google.ca
10    157.240.31.35 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-nrt1.facebook.com
www.facebook.com
2    2600:140b:1a00:23::173f:e925 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
dmp.im-apps.net
6    2620:1ec:33:1::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
c.bing.com
5    172.217.161.66 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s09-in-f2.1e100.net
td.doubleclick.net
2    202.239.3.249 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)
apm.yahoo.co.jp
4    2600:1901:0:d706:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
b6.im-apps.net
2    2600:140b:1600::173b:fc93 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
sync6.im-apps.net
2    34.49.1.209 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 209.1.49.34.bc.googleusercontent.com
b.im-apps.net
3    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
jp-u.openx.net
3    207.65.34.80 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
3    103.43.89.4 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    202.233.84.8 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
s-cs.send.microad.jp
1    35.75.254.126 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-254-126.ap-northeast-1.compute.amazonaws.com
sync.ad-stir.com
4    35.213.7.90 (Tokyo, Japan)

ASN19527 (GOOGLE-2, US)
PTR: 90.7.213.35.bc.googleusercontent.com
x.bidswitch.net
2    35.213.17.49 (Tokyo, Japan)

ASN19527 (GOOGLE-2, US)
PTR: 49.17.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
1    107.178.248.96 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.248.178.107.bc.googleusercontent.com
penta.a.one.impact-ad.jp
4    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    124.146.153.162 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
ssl.socdm.com
tg.socdm.com
1    13.114.11.148 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-114-11-148.ap-northeast-1.compute.amazonaws.com
cs.adingo.jp
2    141.226.231.48 (Hong Kong)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)
sync.taboola.com
sync-t1.taboola.com
1    52.197.229.214 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-229-214.ap-northeast-1.compute.amazonaws.com
adn.caprofitx.com
1    203.137.133.151 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
cs.gssprt.jp
2    172.188.170.32 (United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.outbrain.com
2    35.201.98.24 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 24.98.201.35.bc.googleusercontent.com
sp.gmossp-sp.jp
1    119.63.198.176 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
discoveryplus.popin.cc
1    18.172.52.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-52-72.nrt20.r.cloudfront.net
ad.as.amanad.adtdp.com
1    2600:1f10:4ce4:4a05:7bab:95fd:f046:ea73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
partners.tremorhub.com
2    142.250.198.6 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s58-in-f6.1e100.net
10707063.fls.doubleclick.net
3    142.251.42.134 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f6.1e100.net
ad.doubleclick.net
2    2620:1ec:bdf::46 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
7    54.64.75.156 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-75-156.ap-northeast-1.compute.amazonaws.com
bypass.ad-stir.com
2    3.165.18.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-165-18-96.nrt12.r.cloudfront.net
js.adsrvr.org
1    2600:1901:0:2dbc:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
atb.im-apps.net
3    142.250.207.34 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s55-in-f2.1e100.net
adservice.google.com
1    3.114.66.39 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-66-39.ap-northeast-1.compute.amazonaws.com
adn.caprofitx.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
4    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum.casalemedia.com
r.casalemedia.com
dsum-sec.casalemedia.com
2    172.217.26.230 (United States)

ASN15169 (GOOGLE, US)
PTR: bom05s09-in-f6.1e100.net
12693547.fls.doubleclick.net
3    4.153.129.168 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
b.clarity.ms
2    103.43.91.17 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 1047.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
1    18.172.52.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-52-116.nrt20.r.cloudfront.net
ad.as.amanad.adtdp.com
1    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    23.222.96.30 (Auckland, New Zealand)

ASN16625 (AKAMAI-AS, US)
PTR: a23-222-96-30.deploy.static.akamaitechnologies.com
contextual.media.net
1    52.195.109.1 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-195-109-1.ap-northeast-1.compute.amazonaws.com
aa.agkn.com
1    23.106.127.170 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)
rtb-csync.smartadserver.com
1    23.48.117.105 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-48-117-105.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
1    2600:140b:1c00:38::1732:76b3 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
ade.clmbtech.com
2    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    74.118.186.107 (Serangoon New Town, Singapore)

ASN6336 (TURN-US-ASN, US)
sync.1rx.io
2    52.231.230.148 (Busan, Korea, Republic Of)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
4    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
match.adsrvr.org
3    202.232.238.37 (Nishikichō, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
1    54.168.99.99 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-168-99-99.ap-northeast-1.compute.amazonaws.com
ssp-sync.i-mobile.co.jp
Apex Domain
Subdomains		 Transfer
79 refa.net
refa.net
www.refa.net
4 MB
30 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 63
td.doubleclick.net — Cisco Umbrella Rank: 261
stats.g.doubleclick.net — Cisco Umbrella Rank: 227
cm.g.doubleclick.net — Cisco Umbrella Rank: 353
10707063.fls.doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 190
12693547.fls.doubleclick.net
22 KB
14 tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1441
38 KB
12 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
1 MB
11 im-apps.net
dmp.im-apps.net — Cisco Umbrella Rank: 10909
b6.im-apps.net — Cisco Umbrella Rank: 95080
sync6.im-apps.net — Cisco Umbrella Rank: 11401
b.im-apps.net — Cisco Umbrella Rank: 113535
atb.im-apps.net — Cisco Umbrella Rank: 193105
33 KB
11 google.com
www.google.com — Cisco Umbrella Rank: 5
adservice.google.com — Cisco Umbrella Rank: 669
637 B
10 facebook.com
www.facebook.com — Cisco Umbrella Rank: 132
857 B
8 ad-stir.com
sync.ad-stir.com — Cisco Umbrella Rank: 7832
bypass.ad-stir.com — Cisco Umbrella Rank: 117717
4 KB
8 yahoo.co.jp
b92.yahoo.co.jp — Cisco Umbrella Rank: 60906
b97.yahoo.co.jp — Cisco Umbrella Rank: 85932
am.yahoo.co.jp — Cisco Umbrella Rank: 95685
b99.yahoo.co.jp — Cisco Umbrella Rank: 30624
apm.yahoo.co.jp — Cisco Umbrella Rank: 31307
32 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 785
b.clarity.ms — Cisco Umbrella Rank: 7848
c.clarity.ms — Cisco Umbrella Rank: 1425
32 KB
7 google.ca
www.google.ca — Cisco Umbrella Rank: 11191
448 B
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 574
mug.criteo.com — Cisco Umbrella Rank: 3312
sslwidget.criteo.com — Cisco Umbrella Rank: 2510
dis.criteo.com — Cisco Umbrella Rank: 945
16 KB
7 ladsp.com
cd.ladsp.com — Cisco Umbrella Rank: 101640
px.ladsp.com — Cisco Umbrella Rank: 107663
um.ladsp.com — Cisco Umbrella Rank: 249538
11 KB
6 adsrvr.org
js.adsrvr.org — Cisco Umbrella Rank: 1486
insight.adsrvr.org — Cisco Umbrella Rank: 1156
match.adsrvr.org — Cisco Umbrella Rank: 486
10 KB
6 bing.com
bat.bing.com — Cisco Umbrella Rank: 444
c.bing.com — Cisco Umbrella Rank: 278
19 KB
6 fout.jp
js.fout.jp — Cisco Umbrella Rank: 209067
cnt.fout.jp — Cisco Umbrella Rank: 196233
sync.fout.jp — Cisco Umbrella Rank: 25971
8 KB
5 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 362
secure.adnxs.com — Cisco Umbrella Rank: 680
6 KB
4 casalemedia.com
dsum.casalemedia.com — Cisco Umbrella Rank: 1903
r.casalemedia.com — Cisco Umbrella Rank: 2693
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 837
3 KB
4 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 546
6 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 493
1 KB
4 openx.net
jp-u.openx.net — Cisco Umbrella Rank: 15888
u.openx.net — Cisco Umbrella Rank: 944
851 B
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 237
90 KB
3 socdm.com
ssl.socdm.com — Cisco Umbrella Rank: 297173
tg.socdm.com — Cisco Umbrella Rank: 2805
3 KB
3 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 8800
penta.a.one.impact-ad.jp — Cisco Umbrella Rank: 148210
1 KB
3 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 1233
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 80
22 KB
3 gstatic.com
fonts.gstatic.com
5 MB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 640
979 B
2 adtdp.com
ad.as.amanad.adtdp.com — Cisco Umbrella Rank: 13022
1 KB
2 gmossp-sp.jp
sp.gmossp-sp.jp — Cisco Umbrella Rank: 104061
1 KB
2 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 1375
720 B
2 caprofitx.com
adn.caprofitx.com — Cisco Umbrella Rank: 109325
1 KB
2 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1376
sync-t1.taboola.com — Cisco Umbrella Rank: 2832
750 B
2 microad.jp
d-cache.microad.jp — Cisco Umbrella Rank: 380070
s-cs.send.microad.jp — Cisco Umbrella Rank: 27055
1 KB
2 yimg.jp
s.yimg.jp — Cisco Umbrella Rank: 9229
14 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 76
1 KB
1 i-mobile.co.jp
ssp-sync.i-mobile.co.jp — Cisco Umbrella Rank: 108723
484 B
1 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 661
99 B
1 clmbtech.com
ade.clmbtech.com — Cisco Umbrella Rank: 3879
259 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 3934
278 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 879
587 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 741
492 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 907
652 B
1 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 636
441 B
1 tremorhub.com
partners.tremorhub.com — Cisco Umbrella Rank: 1447
175 B
1 popin.cc
discoveryplus.popin.cc — Cisco Umbrella Rank: 234057
469 B
1 gssprt.jp
cs.gssprt.jp — Cisco Umbrella Rank: 16879
447 B
1 adingo.jp
cs.adingo.jp — Cisco Umbrella Rank: 5528
411 B
1 line.me
tr.line.me — Cisco Umbrella Rank: 17001
425 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 1235
669 B
1 t.co
t.co — Cisco Umbrella Rank: 1179
644 B
1 line-scdn.net
d.line-scdn.net — Cisco Umbrella Rank: 18703
10 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1313
16 KB
1 ebis.ne.jp
taj1.ebis.ne.jp — Cisco Umbrella Rank: 202659
393 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 95
22 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 1067
23 KB
1 yjtag.jp
s.yjtag.jp — Cisco Umbrella Rank: 144529
342 B
271 57
Domain Requested by
78 www.refa.net www.refa.net
14 tags.tiqcdn.com www.refa.net
tags.tiqcdn.com
12 www.googletagmanager.com www.refa.net
www.googletagmanager.com
tags.tiqcdn.com
dmp.im-apps.net
10 www.facebook.com connect.facebook.net
www.refa.net
8 td.doubleclick.net www.googletagmanager.com
8 www.google.com www.googletagmanager.com
www.refa.net
7 bypass.ad-stir.com 5 redirects www.googletagmanager.com
7 cm.g.doubleclick.net 7 redirects
7 www.google.ca www.refa.net
7 googleads.g.doubleclick.net www.googleadservices.com
www.googletagmanager.com
4 pixel.rubiconproject.com 1 redirects um.ladsp.com
js.fout.jp
4 x.bidswitch.net 2 redirects www.refa.net
4 ib.adnxs.com 2 redirects um.ladsp.com
4 b6.im-apps.net 1 redirects dmp.im-apps.net
www.refa.net
4 bat.bing.com tags.tiqcdn.com
bat.bing.com
www.refa.net
4 connect.facebook.net www.refa.net
connect.facebook.net
3 sync.fout.jp js.fout.jp
3 match.adsrvr.org js.adsrvr.org
3 b.clarity.ms www.clarity.ms
3 adservice.google.com 10707063.fls.doubleclick.net
www.refa.net
12693547.fls.doubleclick.net
3 ad.doubleclick.net 2 redirects www.refa.net
3 simage2.pubmatic.com um.ladsp.com
js.fout.jp
3 jp-u.openx.net 1 redirects um.ladsp.com
js.fout.jp
3 px.ladsp.com 1 redirects www.refa.net
um.ladsp.com
3 gum.criteo.com 2 redirects static.criteo.net
3 cd.ladsp.com www.googletagmanager.com
www.refa.net
px.ladsp.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 fonts.gstatic.com fonts.googleapis.com
2 c.clarity.ms 1 redirects
2 eb2.3lift.com 1 redirects
2 c.bing.com 1 redirects
2 dis.criteo.com
2 12693547.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 dsum.casalemedia.com 1 redirects www.refa.net
2 tg.socdm.com www.refa.net
2 js.adsrvr.org www.googletagmanager.com
match.adsrvr.org
2 www.clarity.ms bat.bing.com
www.clarity.ms
2 10707063.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 ad.as.amanad.adtdp.com um.ladsp.com
2 sp.gmossp-sp.jp 1 redirects um.ladsp.com
2 sync.outbrain.com um.ladsp.com
2 adn.caprofitx.com 1 redirects um.ladsp.com
2 y.one.impact-ad.jp 2 redirects
2 b.im-apps.net www.refa.net
dmp.im-apps.net
2 sync6.im-apps.net dmp.im-apps.net
www.refa.net
2 apm.yahoo.co.jp s.yimg.jp
2 dmp.im-apps.net tags.tiqcdn.com
www.refa.net
2 b99.yahoo.co.jp www.refa.net
2 b97.yahoo.co.jp s.yimg.jp
www.refa.net
2 js.fout.jp www.refa.net
js.fout.jp
2 s.yimg.jp www.googletagmanager.com
2 fonts.googleapis.com www.refa.net
1 dsum-sec.casalemedia.com js.adsrvr.org
1 ssp-sync.i-mobile.co.jp 1 redirects
1 secure.adnxs.com js.fout.jp
1 insight.adsrvr.org 1 redirects
1 sync.1rx.io
1 ade.clmbtech.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 aa.agkn.com
1 contextual.media.net
1 idsync.rlcdn.com
1 r.casalemedia.com
1 u.openx.net www.refa.net
1 atb.im-apps.net www.refa.net
1 partners.tremorhub.com um.ladsp.com
1 discoveryplus.popin.cc um.ladsp.com
1 cs.gssprt.jp um.ladsp.com
1 sync.taboola.com um.ladsp.com
1 cs.adingo.jp um.ladsp.com
1 ssl.socdm.com um.ladsp.com
1 penta.a.one.impact-ad.jp um.ladsp.com
1 sync.ad-stir.com um.ladsp.com
1 s-cs.send.microad.jp um.ladsp.com
1 um.ladsp.com px.ladsp.com
1 sslwidget.criteo.com static.criteo.net
1 stats.g.doubleclick.net www.googletagmanager.com
1 am.yahoo.co.jp b92.yahoo.co.jp
1 mug.criteo.com www.refa.net
1 tr.line.me www.refa.net
1 analytics.twitter.com www.refa.net
1 t.co www.refa.net
1 cnt.fout.jp www.refa.net
1 d.line-scdn.net www.refa.net
1 static.ads-twitter.com www.refa.net
1 taj1.ebis.ne.jp www.refa.net
1 b92.yahoo.co.jp www.googletagmanager.com
1 d-cache.microad.jp www.refa.net
1 www.googleadservices.com www.googletagmanager.com
1 static.criteo.net www.googletagmanager.com
1 s.yjtag.jp www.refa.net
1 refa.net 1 redirects
271 94

This site contains links to these domains. Also see Links.

Domain
www.mtgec.jp
instagram.com
www.facebook.com
www.mtg.gr.jp
Subject Issuer Validity Valid
refa.net
Amazon RSA 2048 M03		 2024-06-05 -
2025-07-04		 a year crt.sh
upload.video.google.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
*.gstatic.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
*.google-analytics.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2025-04-15 -
2026-05-14		 a year crt.sh
*.google.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-04-11 -
2025-07-04		 3 months crt.sh
*.fout.jp
GeoTrust RSA CA 2018		 2024-07-27 -
2025-07-30		 a year crt.sh
*.ladsp.com
GlobalSign RSA OV SSL CA 2018		 2024-05-21 -
2025-06-22		 a year crt.sh
*.googleadservices.com
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
jpssl.cdngc.net
GlobalSign RSA OV SSL CA 2018		 2024-09-06 -
2025-09-08		 a year crt.sh
*.ebis.ne.jp
Amazon RSA 2048 M03		 2025-01-22 -
2026-02-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2025-02-01 -
2025-05-02		 3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-06-25 -
2025-06-24		 a year crt.sh
line-apps.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-24 -
2025-09-23		 a year crt.sh
tags.tiqcdn.com
Amazon RSA 2048 M02		 2025-02-17 -
2026-03-18		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-04-18 -
2025-07-17		 3 months crt.sh
t.co
E6		 2025-03-24 -
2025-06-22		 3 months crt.sh
twitter.com
E6		 2025-03-06 -
2025-06-04		 3 months crt.sh
*.line.me
GlobalSign RSA OV SSL CA 2018		 2024-08-08 -
2025-09-09		 a year crt.sh
*.g.doubleclick.net
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
*.doubleclick.net
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
mscedge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2024-10-28 -
2025-11-27		 a year crt.sh
gw01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2025-03-28 -
2026-04-27		 a year crt.sh
*.google.ca
WE2		 2025-03-31 -
2025-06-23		 3 months crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1		 2025-01-10 -
2026-01-10		 a year crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 07		 2025-03-14 -
2025-09-10		 6 months crt.sh
b6.im-apps.net
WR3		 2025-04-05 -
2025-07-04		 3 months crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-02-19 -
2026-03-22		 a year crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2024-10-10 -
2025-11-11		 a year crt.sh
*.ad-stir.com
Sectigo ECC Domain Validation Secure Server CA		 2024-10-21 -
2025-11-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2025-03-04 -
2026-04-03		 a year crt.sh
ssl.socdm.com
Go Daddy Secure Certificate Authority - G2		 2024-12-16 -
2026-01-17		 a year crt.sh
*.adingo.jp
Amazon RSA 2048 M03		 2024-08-14 -
2025-09-13		 a year crt.sh
*.taboola.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-12-01 -
2025-12-31		 a year crt.sh
*.caprofitx.com
Amazon RSA 2048 M03		 2024-07-10 -
2025-08-07		 a year crt.sh
cs.gssprt.jp
GeoTrust TLS RSA CA G1		 2024-12-30 -
2026-01-30		 a year crt.sh
*.outbrain.com
Thawte TLS RSA CA G1		 2024-11-13 -
2025-12-02		 a year crt.sh
sp.gmossp-sp.jp
WR3		 2025-04-14 -
2025-07-13		 3 months crt.sh
*.popin.cc
Secure Site Pro CA G2		 2024-09-23 -
2025-10-24		 a year crt.sh
*.as.amanad.adtdp.com
Amazon RSA 2048 M03		 2024-12-05 -
2026-01-03		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M02		 2024-12-24 -
2026-01-23		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2024-09-04 -
2025-09-04		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2025-03-19 -
2026-04-02		 a year crt.sh
atb.im-apps.net
WR3		 2025-03-25 -
2025-06-23		 3 months crt.sh
b.im-apps.net
WR3		 2025-03-13 -
2025-06-11		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2024-08-14 -
2025-08-18		 a year crt.sh
*.socdm.com
GlobalSign RSA OV SSL CA 2018		 2024-05-17 -
2025-06-18		 a year crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2025-04-06 -
2025-07-01		 3 months crt.sh
casalemedia.com
E6		 2025-04-08 -
2025-07-07		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2025-02-06 -
2026-03-05		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-10-23 -
2025-10-22		 a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2025-01-09 -
2026-02-09		 a year crt.sh
teads.tv
R10		 2025-02-18 -
2025-05-19		 3 months crt.sh
colombiaonline.com
R10		 2025-04-10 -
2025-07-09		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2024-06-13 -
2025-07-14		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2025-02-21 -
2026-03-23		 a year crt.sh

This page contains 21 frames:

Primary Page: https://www.refa.net/
Frame ID: 2FB286F19965B06312506438F356CA16
Requests: 203 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/54l0/sw_iframe.html?origin=https%3A%2F%2Fwww.refa.net
Frame ID: 7BE7EE69AD1FE34DF85D5953FD13E2C8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.refa.net&origin=onetag
Frame ID: A36FF6EACB26FBE589B1D150F60B0E51
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/774022946?random=1745575193541&cv=11&fst=1745575193541&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509156~102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 5D1D51279BACAA9C37CE55A5F3CB6523
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/774025335?random=1745575193578&cv=11&fst=1745575193578&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0h1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509156~102887800~103051953~103071290~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 20EEF612CF196D7689612855733FAE91
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/774046165?random=1745575193684&cv=11&fst=1745575193684&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0v881674415za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: D6CAA74579570E678A1BBD524F33DA7E
Requests: 1 HTTP requests in this frame

Frame: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745575193618&svid=73
Frame ID: 52791366E1ABEF8ACC67CA6AEB05A4FE
Requests: 19 HTTP requests in this frame

Frame: https://cd.ladsp.com/html/getTopics2.html?stu=mTxrsbcXjcbp0Lne4Pwl2g
Frame ID: 04BB4D708359A6D49865916A91D63F71
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/774046165?random=1745575193778&cv=11&fst=1745575193778&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0v881674415za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 8020FE2CAA00AA2303BDC5A6C2105280
Requests: 1 HTTP requests in this frame

Frame: https://10707063.fls.doubleclick.net/activityi;dc_pre=CN3f-6r28owDFTuD6QUdL0oIMQ;src=10707063;type=220501;cat=2205_0;ord=1;num=5995194294740;npa=0;auiddc=403049984.1745575193;ps=1;pcor=572810697;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za201zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=1;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;~oref=https%3A%2F%2Fwww.refa.net%2F
Frame ID: E3FE70A1A6369A89F779FA16FDEE6D07
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10707063;type=220501;cat=2205_0;ord=1;num=5995194294740;npa=0;auiddc=403049984.1745575193;ps=1;pcor=572810697;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za201zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=9;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;~oref=https%3A%2F%2Fwww.refa.net%2F
Frame ID: B0B3CFFC985DFD37A8BE4A958B5F8AC6
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10974633921?random=1745575193947&cv=11&fst=1745575193947&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0v9102968195za200zb77419047&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Frame ID: 547CB1A4AAF1AFDD51B3E9C01EE08DF5
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/10974633921?random=1745575193990&cv=11&fst=1745575193990&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0v9102968195za200zb77419047&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 341ED40CCA7B0884B30103D07CE8E024
Requests: 1 HTTP requests in this frame

Frame: https://12693547.fls.doubleclick.net/activityi;dc_pre=CIW_mqv28owDFYpbDwIdlVIAkw;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=403049984.1745575193;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;dc_random=1745575194341;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F
Frame ID: 6AC8F91F320626EEBA3AF63B64D752CC
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=403049984.1745575193;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=9;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;dc_random=1745575194341;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F
Frame ID: EC25ED2BC4F99FB3DE3015C925B42ABA
Requests: 1 HTTP requests in this frame

Frame: https://js.fout.jp/beacon.html?from=dmp
Frame ID: 59E3D268A06002B1DBB678090878F6A2
Requests: 8 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-2ykxHrgVjEP9FZn_OB4zA7r6KvqbbGceKYxCFA&expires=30
Frame ID: CB9B29476301B1EA9BD1913AB8FB3DD0
Requests: 20 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=jugy6jk&ref=https%3A%2F%2Fwww.refa.net%2F&upid=tlpkzes&upv=1.1.0&paapi=1
Frame ID: FBBF6F8BE9EE3217F356B2AD1B7B864E
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=dec05867-936e-482f-b080-b9fa9514b518&google_gid=CAESEGEbNM6b4spWynigcOOkHn8&google_cver=1
Frame ID: 57B044A4278269C31D91498940F56726
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Frame ID: 478D027814AE45B6906B015643EBFDB4
Requests: 1 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=dec05867-936e-482f-b080-b9fa9514b518&expiration=1748167194&gdpr=0&gdpr_consent=
Frame ID: 7F6478FBEFAE4F34516BE24F6CD016C7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ReFa (リファ)公式ブランドサイト | 株式会社MTG:美容機器・洗顔美容・美容ドリンク・炭酸美容・スキンケア・コラーゲン・ヘッドスパ・ドライヤー

Page URL History Show full URLs

  1. http://refa.net/ HTTP 307
    https://refa.net/ HTTP 301
    http://www.refa.net/ HTTP 307
    https://www.refa.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

271
Requests

93 %
HTTPS

20 %
IPv6

57
Domains

94
Subdomains

84
IPs

12
Countries

10683 kB
Transfer

14363 kB
Size

113
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://refa.net/ HTTP 307
    https://refa.net/ HTTP 301
    http://www.refa.net/ HTTP 307
    https://www.refa.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 110
  • https://gum.criteo.com/sid/json?origin=onetag&domain=refa.net&sn=ChromeSyncframe&so=undefined&topUrl=www.refa.net&topicsavail=1&fledgeavail=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=BWdECHwzWkg4V0JPV2ZVdU5mS3R0eG5qM1dhZlNCUEMyZXJkS1NtbnljcWdFcEFVemJvTlNkVHpXazl4OWU1a2Y0ck1HeElLR1ZNclJyMlYzY1VmN1JUaUh2RnZCQ2JjeXBScGlyMGpieTFYMUc4WG51K0RaeUVnNVN5VVhJeVdqSkNWWmFPeWw4NnMwUDZ6bTBrMEIzcTYyT285VU9QdEN3STE4WEJrMEtkMkNabkNKMHBzdFZYd0ZlWVZsait1VlZVZmdpSWUzWlBha0Q4ejYzM1B6SS8rK1VHYzRSeFZHaUc4Wmk2ZzZLWjdvWnlLNFpROTJ4dDJ4S2pyUy9zTlRDTzdQR3hFV01rSkhIaDZydnY1RExLaG01NTBhalRrWDNUcjdSQ0Q4eWUzT2dpOD18&cppv=2
Request Chain 112
  • https://px.ladsp.com/pixel?advertiser_id=00010701&su=2&site_url=https%3A%2F%2Fwww.refa.net%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119 HTTP 302
  • https://px.ladsp.com/pixel?cr=true&advertiser_id=00010701&su=2&site_url=https%3A%2F%2Fwww.refa.net%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119
Request Chain 168
  • https://b6.im-apps.net/pv/lemNF6?cid=1012284&url=https%3A%2F%2Fwww.refa.net%2F&ref=&title=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94%E7%BE%8E%E5%AE%B9%E3%83%BB%E7%BE%8E%E5%AE%B9%E3%83%89%E3%83%AA%E3%83%B3%E3%82%AF%E3%83%BB%E7%82%AD%E9%85%B8%E7%BE%8E%E5%AE%B9%E3%83%BB%E3%82%B9%E3%82%AD%E3%83%B3%E3%82%B1%E3%82%A2%E3%83%BB%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B2%E3%83%B3%E3%83%BB%E3%83%98%E3%83%83%E3%83%89%E3%82%B9%E3%83%91%E3%83%BB%E3%83%89%E3%83%A9%E3%82%A4%E3%83%A4%E3%83%BC&lang=ja-jp HTTP 302
  • https://b.im-apps.net/pv/lemNF6?cid=1012284&ehid=eYGyV8FE34fMtZm8&lang=ja-jp&ref&title=ReFa+%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88+%7C+%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94%E7%BE%8E%E5%AE%B9%E3%83%BB%E7%BE%8E%E5%AE%B9%E3%83%89%E3%83%AA%E3%83%B3%E3%82%AF%E3%83%BB%E7%82%AD%E9%85%B8%E7%BE%8E%E5%AE%B9%E3%83%BB%E3%82%B9%E3%82%AD%E3%83%B3%E3%82%B1%E3%82%A2%E3%83%BB%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B2%E3%83%B3%E3%83%BB%E3%83%98%E3%83%83%E3%83%89%E3%82%B9%E3%83%91%E3%83%BB%E3%83%89%E3%83%A9%E3%82%A4%E3%83%A4%E3%83%BC&url=https%3A%2F%2Fwww.refa.net%2F
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_cm&google_hm=AaldhsaDx9bIks8AKJjLxRGywMA&logicad_uid=AaldhsaDx9bIks8AKJjLxRGywMA&svid=03 HTTP 302
  • https://px.ladsp.com/match/google?logicad_uid=AaldhsaDx9bIks8AKJjLxRGywMA&svid=03&google_gid=CAESEKgiQnEZkwHdp-yKsxUdvgo&google_cver=1
Request Chain 170
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOszw HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOszw
Request Chain 172
  • https://ib.adnxs.com/setuid?entity=276&code=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOszw HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOszw
Request Chain 175
  • https://x.bidswitch.net/sync?dsp_id=102&expires=365&user_id=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOszw HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=102&expires=365&user_id=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOszw HTTP 302
  • https://y.one.impact-ad.jp/cs?d=105&uid=cff599c4-5d9b-43c3-acf3-c99555921e44&tg=1&et=30&r=no&bsw_dsp_id=&bsw_dsp_uuid= HTTP 302
  • https://y.one.impact-ad.jp/ul_cb/cs?d=105&uid=cff599c4-5d9b-43c3-acf3-c99555921e44&tg=1&et=30&r=no&bsw_dsp_id=&bsw_dsp_uuid= HTTP 302
  • https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Request Chain 187
  • https://10707063.fls.doubleclick.net/activityi;src=10707063;type=220501;cat=2205_0;ord=1;num=5995194294740;npa=0;auiddc=403049984.1745575193;ps=1;pcor=572810697;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za201zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=1;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;~oref=https%3A%2F%2Fwww.refa.net%2F HTTP 302
  • https://10707063.fls.doubleclick.net/activityi;dc_pre=CN3f-6r28owDFTuD6QUdL0oIMQ;src=10707063;type=220501;cat=2205_0;ord=1;num=5995194294740;npa=0;auiddc=403049984.1745575193;ps=1;pcor=572810697;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za201zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=1;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;~oref=https%3A%2F%2Fwww.refa.net%2F
Request Chain 224
  • https://bypass.ad-stir.com/push_sync HTTP 302
  • https://sp.gmossp-sp.jp/ads/sync.ad?dsp=bypass&uid=02afe5f6-f96a-4f11-9dea-8efbb14b1760 HTTP 302
  • https://bypass.ad-stir.com/receive_sync?ssp=gmo&uid=x3mrWQPVyLHSO3hg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=united_bypass&google_hm=Aq_l9vlqTxGd6o77sUsXYA&google_redir=https%3A%2F%2Fbypass.ad-stir.com%2Freceive_sync%3Fssp%3Dgoogle_hosted_match%26google_gid%3Dhosted_match HTTP 302
  • https://bypass.ad-stir.com/receive_sync?ssp=google_hosted_match&google_gid=hosted_match HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=united_bypass&uid=02afe5f6-f96a-4f11-9dea-8efbb14b1760&google_ula=439954433&google_cm HTTP 302
  • https://bypass.ad-stir.com/receive_sync?ssp=google&uid=02afe5f6-f96a-4f11-9dea-8efbb14b1760&google_gid=CAESEIhGsDKAn2z7bB12I5QZFds&google_cver=1&google_ula=439954433,0 HTTP 302
  • https://adn.caprofitx.com/v1/cookiesync?bypass_uid=02afe5f6-f96a-4f11-9dea-8efbb14b1760 HTTP 302
  • https://bypass.ad-stir.com/receive_sync?ssp=profitx&uid=d7867b1e-662b-4e96-9ed7-eade9cba801f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=204&user_id=02afe5f6-f96a-4f11-9dea-8efbb14b1760&expires=90
Request Chain 227
  • https://dsum.casalemedia.com/crum?cm_dsp_id=214&external_user_id=02afe5f6-f96a-4f11-9dea-8efbb14b1760 HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=214&external_user_id=02afe5f6-f96a-4f11-9dea-8efbb14b1760&C=1
Request Chain 228
  • https://ad.doubleclick.net/activity;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=403049984.1745575193;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;dc_random=1745575194341;~oref=https%3A%2F%2Fwww.refa.net%2F HTTP 302
  • https://ad.doubleclick.net/activity;dc_pre=COW7jqv28owDFVlTwgUdLpYIQg;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=403049984.1745575193;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;dc_random=1745575194341;~oref=https%3A%2F%2Fwww.refa.net%2F HTTP 302
  • https://adservice.google.com/ddm/fls/z/dc_pre=COW7jqv28owDFVlTwgUdLpYIQg;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;dc_random=1745575194341;~oref=https%3A%2F%2Fwww.refa.net%2F
Request Chain 229
  • https://12693547.fls.doubleclick.net/activityi;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=403049984.1745575193;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;dc_random=1745575194341;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F HTTP 302
  • https://12693547.fls.doubleclick.net/activityi;dc_pre=CIW_mqv28owDFYpbDwIdlVIAkw;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=403049984.1745575193;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;dc_random=1745575194341;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F
Request Chain 235
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-W9xp1bgVjEP9FZn_OB4zA7r6KvpJLVZ8zoDhKg&google_cm&google_hm=ay1XOXhwMWJnVmpFUDlGWm5fT0I0ekE3cjZLdnBKTFZaOHpvRGhLZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-W9xp1bgVjEP9FZn_OB4zA7r6KvpJLVZ8zoDhKg&google_gid=CAESEFvYD-K4X2xQUt4xzGyhqfc&google_cver=1&google_ula=913071,0
Request Chain 236
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4406566417585652607
Request Chain 243
  • https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=xpRUuF90RFpJZ3N3c01LaFJ5VnpRVUVldndhV2NSSTdyYkU4ZlBvcCUyQjdmRU5DUFUlM0Q
Request Chain 251
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-jSFqkbgVjEP9FZn_OB4zA7r6KvoFIw98P9QqPw&dongle=013b HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-jSFqkbgVjEP9FZn_OB4zA7r6KvoFIw98P9QqPw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Request Chain 253
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=65227120F6164B31981FDCBB5163320D&RedC=c.clarity.ms&MXFR=284FDB3AA0F2650714E4CEE3A4F26B76 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=65227120F6164B31981FDCBB5163320D&MUID=0099F659EEB66C7D11B9E380EFEE6D93
Request Chain 254
  • https://insight.adsrvr.org/track/up?adv=jugy6jk&ref=https%3A%2F%2Fwww.refa.net%2F&upid=tlpkzes&upv=1.1.0&paapi=1 HTTP 302
  • https://match.adsrvr.org/track/upb/?adv=jugy6jk&ref=https%3A%2F%2Fwww.refa.net%2F&upid=tlpkzes&upv=1.1.0&paapi=1
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_cm&google_sc&from_google=pc2 HTTP 302
  • https://sync.fout.jp/sync?xid=googleadex&g_match=&from_google=pc2&google_gid=CAESECHIBkcuUSNPszzojA4b-6M&google_cver=1
Request Chain 257
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&from_google=pc3&google_hm=dkl6RWJxUWVLMzJISF8tazkyNUFtOElTeTdN HTTP 302
  • https://sync.fout.jp/report?xid=googleadex&from_google=pc3
Request Chain 260
  • https://ssp-sync.i-mobile.co.jp/sync.ashx?dspid=5 HTTP 302
  • https://sync.fout.jp/sync?xid=imobile&uid=e0187db0-a9ba-4b52-b0ec-79f897093b8d&sync_status=1
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZGVjMDU4NjctOTM2ZS00ODJmLWIwODAtYjlmYTk1MTRiNTE4&gdpr=0&gdpr_consent=&ttd_tdid=dec05867-936e-482f-b080-b9fa9514b518 HTTP 302
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=dec05867-936e-482f-b080-b9fa9514b518&google_gid=CAESEGEbNM6b4spWynigcOOkHn8&google_cver=1
Request Chain 264
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=dec05867-936e-482f-b080-b9fa9514b518&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0

271 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.refa.net/
Redirect Chain
  • http://refa.net/
  • https://refa.net/
  • http://www.refa.net/
  • https://www.refa.net/
42 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
fea2eb260146bdad234decd71e009965911fe9bf6f1f09afeb0f39a80b68866b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
8387
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-type
text/html; charset=UTF-8
date
Fri, 25 Apr 2025 09:59:52 GMT
server
Apache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

Location
https://www.refa.net/
Non-Authoritative-Reason
HttpsUpgrades
common.css
www.refa.net/css/ 		80 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/css/common.css?v=190920
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
1a2ad774c88495859f82aeeda6be27ff5d949f89e8607a0c23f452d1454d791f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"13ebc-61c543fab15aa-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
10911
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Wed, 03 Jul 2024 09:13:51 GMT
server
Apache
vary
Accept-Encoding
style_pc.css
www.refa.net/css/ 		94 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/css/style_pc.css
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
0fe79403b0da509e1489e4ee29a83825f876a00dfbd4a2a84374160008509566
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"177e7-5fc07dc724440-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
11652
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Fri, 19 May 2023 08:39:37 GMT
server
Apache
vary
Accept-Encoding
slick.css
www.refa.net/css/ 		2 KB
874 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/css/slick.css
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
daf575d309cd103f22b4870a8bf90e7ec0cf5f03ea8f55658da64442ca64fd87
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"6ae-56ad2c1ffda80-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
539
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Fri, 27 Apr 2018 11:25:14 GMT
server
Apache
vary
Accept-Encoding
index_pc.css
www.refa.net/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/css/index_pc.css
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
23648a805757fe951690f36a2703fc44bed7446f27ab14002b755414eee79eb8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"3acd-61b14a0c7abc0-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
3307
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Mon, 17 Jun 2024 11:54:31 GMT
server
Apache
vary
Accept-Encoding
movie.css
www.refa.net/special/movie/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/special/movie/css/movie.css
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
4cde44f4a6001baefb125113c0dc2c1ab127d26cd44b78d9b8cdd1d5955e3c6e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"28af-626ea72db3989-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
2584
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Fri, 15 Nov 2024 02:37:31 GMT
server
Apache
vary
Accept-Encoding
slider-pro.css
www.refa.net/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/css/slider-pro.css
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
44e8cb44cdd9eb6a4d4e3818aa820f39413552076ed701340672bbc9d2cd1c0b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"43f9-59dd41edd4b00-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
2910
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Wed, 05 Feb 2020 13:27:40 GMT
server
Apache
vary
Accept-Encoding
modernizr-2.6.2.min.js
www.refa.net/common/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/common/js/modernizr-2.6.2.min.js
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
4d9bc12d794ed221ae1cbebbbeba7b267305c6dc94704412e6cfea0e156a5237
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"3c3a-56b2f98fe7080-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
6252
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Wed, 02 May 2018 02:10:58 GMT
server
Apache
vary
Accept-Encoding
scrollsmoothly.js
www.refa.net/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/js/scrollsmoothly.js
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
bf9122f9db31ccdb893d0d475b22f5ae3686373ed845ec3aeb498231516f58e0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"13a0-52a1b825a68c0-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1840
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Sun, 24 Jan 2016 21:55:23 GMT
server
Apache
vary
Accept-Encoding
jquery-1.11.3.min.js
www.refa.net/js/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/js/jquery-1.11.3.min.js
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"176d5-52a1b824b2680-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
33279
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Sun, 24 Jan 2016 21:55:22 GMT
server
Apache
vary
Accept-Encoding
common.js
www.refa.net/common/js/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/common/js/common.js
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
57139058a78a65e8099ea3d55f1b7fea110264e6841dfe13292dc18d0b905cdf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"5daa-5c58448208900-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
5735
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Thu, 24 Jun 2021 15:00:20 GMT
server
Apache
vary
Accept-Encoding
slick.min.js
www.refa.net/js/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/js/slick.min.js
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"a770-56ad2c1ffda80-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
10445
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Fri, 27 Apr 2018 11:25:14 GMT
server
Apache
vary
Accept-Encoding
jquery.sliderPro.min.js
www.refa.net/js/ 		95 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/js/jquery.sliderPro.min.js
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
f2a6463de97e090de322b1f61620101c0fe90806e87052af3ddc1151dfa7d212
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"17b7f-59dd4206a0580-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
18840
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Wed, 05 Feb 2020 13:28:06 GMT
server
Apache
vary
Accept-Encoding
movie.js
www.refa.net/js/ 		2 KB
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/js/movie.js
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
16fd28d7d50667ff6bbbe9fdca15d32116ec0c51e4e2fe9fbfddd5b50e0168a7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"61e-61152843f5f00-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
650
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Wed, 14 Feb 2024 07:32:44 GMT
server
Apache
vary
Accept-Encoding
index.js
www.refa.net/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/js/index.js
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
4c3b799ae3bb8f31107585d13a9445920d4d27d8f4fe080ad1a5c750e28f0122
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"88e-59dd4206a0580-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
832
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Wed, 05 Feb 2020 13:28:06 GMT
server
Apache
vary
Accept-Encoding
logo.svg
www.refa.net/images/common/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/common/logo.svg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
80517b8960156057b554b4d7e31939a44657ebef90c5ae7575810e85617d525c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"10df-59df91964b080-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
2104
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/svg+xml
last-modified
Fri, 07 Feb 2020 09:34:42 GMT
server
Apache
vary
Accept-Encoding
header-nav-haircare.jpg
www.refa.net/images/common/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/common/header-nav-haircare.jpg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
381b85b13b7e5349854d173bd4f107dcbcef218e36df352c417b8745be97500e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"110b-61bc6fea58980"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
4363
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Wed, 26 Jun 2024 08:42:30 GMT
server
Apache
header-nav-shower.jpg
www.refa.net/images/common/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/common/header-nav-shower.jpg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
17be2466d262d98456527705c60616767ad6171734bf7a26933ce708afcf886f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"1657-61b11b5c14480"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
5719
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Mon, 17 Jun 2024 08:25:38 GMT
server
Apache
header-nav-epilator.jpg
www.refa.net/images/common/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/common/header-nav-epilator.jpg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e845d2306c78cf59b1821f3fc0316bc2081dad94029a4d98a487d2977e1e8a00
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"1f41-61b11b5c14480"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
8001
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Mon, 17 Jun 2024 08:25:38 GMT
server
Apache
header-nav-beauty.jpg
www.refa.net/images/common/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/common/header-nav-beauty.jpg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
c7a98e7678733e7dd4eaa008a9b4c818c91e7a60f0f5cd1c8393eb558f329b46
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"1da3-61b11b5c14480"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
7587
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Mon, 17 Jun 2024 08:25:38 GMT
server
Apache
header-nav-brush.jpg
www.refa.net/images/common/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/common/header-nav-brush.jpg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
80e13b96531319ca8b59d9debf3b7831000f277eeee39f51052986965d90d7d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"23b0-61b11b5c14480"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
9136
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Mon, 17 Jun 2024 08:25:38 GMT
server
Apache
header-nav-cosme.jpg
www.refa.net/images/common/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/common/header-nav-cosme.jpg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
8559dc3c81a4baadc15eefeea7401d0169b34d66b33b72ad074f40d651b1c759
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"12a2-61b11b5c14480"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
4770
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Mon, 17 Jun 2024 08:25:38 GMT
server
Apache
bnr-ambassador.jpg
www.refa.net/images/index/ 		413 KB
413 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index/bnr-ambassador.jpg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
b898272be45dff5dd67049c0178cac022a9d831a0c8f64b84fa9b26bcf5afd1a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"672d5-6165967583b80"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
422613
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Thu, 18 Apr 2024 06:51:42 GMT
server
Apache
bnr-myrefa.png
www.refa.net/images/index/ 		162 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index/bnr-myrefa.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
1258bb21295d9c45518ff56df6fe0f297de6ba01307ac57b7d4062a89c826df5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"289c8-61b38454c22c0"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
166344
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 19 Jun 2024 06:25:55 GMT
server
Apache
img_kv_vn01_pc.jpg
www.refa.net/images/index02/ 		158 KB
159 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_kv_vn01_pc.jpg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
3481c87254b9418fe5d1c0a6c33108a23109e41f0867c6118711e5cfa4345144
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"27933-62e8ba95c6340"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
162099
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Thu, 20 Feb 2025 04:53:57 GMT
server
Apache
img_kv_vn02_pc.jpg
www.refa.net/images/index02/ 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_kv_vn02_pc.jpg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
18ac154fb54f049212fa32a410b2cc3ea2c54b468833815759646aadb531133e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"1e64b-62e8baa043c00"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
124491
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Thu, 20 Feb 2025 04:54:08 GMT
server
Apache
img_kv10_pc.jpg
www.refa.net/images/index02/ 		329 KB
330 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_kv10_pc.jpg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e54dfffb54fe2288c3c8aabf1533f94cf08b08293341375deb1b8321516f34b7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"52504-6286dc088c8c0"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
337156
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Wed, 04 Dec 2024 08:41:47 GMT
server
Apache
img_kv11_pc.jpg
www.refa.net/images/index02/ 		279 KB
279 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_kv11_pc.jpg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ef51d8df2feec3accfe9a5275a64def5d77465add4be0b9741c7ff0f6edca1df
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"45b2f-6286db933f400"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
285487
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Wed, 04 Dec 2024 08:39:44 GMT
server
Apache
img_kv12_pc.jpg
www.refa.net/images/index02/ 		240 KB
241 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_kv12_pc.jpg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
4fefb176157c6a3a8d8183ad9596a617f5d67c7d6f2b2840dbe0f6b533f4d43e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"3bfcf-6286db71de540"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
245711
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Wed, 04 Dec 2024 08:39:09 GMT
server
Apache
img_kv13_pc.jpg
www.refa.net/images/index02/ 		296 KB
297 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_kv13_pc.jpg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
436ab6fd82a4947f0f0fe61f080cf60dd51c66bc2c201befaccaaaec19fdd2a7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"4a0a4-6286dbb594500"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
303268
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Wed, 04 Dec 2024 08:40:20 GMT
server
Apache
img_kv14_pc.jpg
www.refa.net/images/index02/ 		231 KB
232 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_kv14_pc.jpg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
257f0e7d169fff1f3b74c7854791f36fd809cb06a5f499bbb5194619c0ab611a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"39dd5-6286db544df80"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
237013
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Wed, 04 Dec 2024 08:38:38 GMT
server
Apache
img_kv15_pc.jpg
www.refa.net/images/index02/ 		308 KB
309 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_kv15_pc.jpg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
1506dbfcc6176e64a8d70331eac38af23119fe821581b490cbacb3b50042c133
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"4d10f-6286dba746340"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
315663
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Wed, 04 Dec 2024 08:40:05 GMT
server
Apache
img_kv16_pc.jpg
www.refa.net/images/index02/ 		347 KB
348 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_kv16_pc.jpg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
9a2be8e33b2d1ff981f8e2410479d1ab2f5aa23370a3ba91283ca273c3db63ba
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"56bc3-6286dbe72ba00"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
355267
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Wed, 04 Dec 2024 08:41:12 GMT
server
Apache
img_topics241115.png
www.refa.net/images/index02/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_topics241115.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e05338752c34f37afa6b777747eaa7f318fab14a51a8b6876543550db6512745
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"4c95-626db4f46d780"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
19605
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Thu, 14 Nov 2024 08:33:50 GMT
server
Apache
img_topics25042402.png
www.refa.net/images/index02/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_topics25042402.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
4f9ae5d90f601466f0b2f62dbd41c201fe39b9586adb23f01387dd0a80c4069b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"4dc9-6335788e2cc00"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
19913
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Tue, 22 Apr 2025 05:48:32 GMT
server
Apache
img_topics25042401.png
www.refa.net/images/index02/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_topics25042401.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
50a15fd8948b9cbbc75c65539420377625d99c59e77ecbfa6ead40d20a50f561
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"6722-6335784e47540"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
26402
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Tue, 22 Apr 2025 05:47:25 GMT
server
Apache
img_topics250416.png
www.refa.net/images/index02/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_topics250416.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
12c6bd9c71c5c5973eee8b4847f96ba481838ebad0b6dba860c05386d535e841
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"6398-632403123f600"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
25496
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Tue, 08 Apr 2025 08:32:24 GMT
server
Apache
img_topics-mybathroom.png
www.refa.net/images/index02/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_topics-mybathroom.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
13a3725a7a9cbb6cd31e31aaf38ded77543b8d3f80ecf0649fec2439def693e5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"719e-6310f0119c340"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
29086
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Mon, 24 Mar 2025 04:26:13 GMT
server
Apache
img_topics250127.png
www.refa.net/images/index02/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_topics250127.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
a91a0b9abba1fd929121fee0db6a068a3b733df621f6a337f5a7cfaadeb39cb4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"3149-62ca64203c300"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
12617
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Mon, 27 Jan 2025 01:47:24 GMT
server
Apache
img_topics_experience.jpg
www.refa.net/images/index02/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_topics_experience.jpg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
59eb9a72a36b3ecad4a44d11d0b90d16397f07290d748d99025efd26cfe43599
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"2022-6254617699dc0"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
8226
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Fri, 25 Oct 2024 05:07:11 GMT
server
Apache
img_mtitle_movie.png
www.refa.net/images/index02/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_mtitle_movie.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
2d1fa6b88df0daf228a506d6570e26fe40d3b48a60f024f27b5c407301049e9d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"6a7-6113cbe9e0180"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1703
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Tue, 13 Feb 2024 05:34:14 GMT
server
Apache
movie_09.png
www.refa.net/special/movie/images/ 		289 KB
289 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/special/movie/images/movie_09.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
eccb869ac94b5913c7de835ba0755d6c4b09a26cc709d69f1f364141fcdc53bd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"482b2-626d936c67b40"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
295602
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Thu, 14 Nov 2024 06:03:49 GMT
server
Apache
img_mtitle_pro.png
www.refa.net/images/index02/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_mtitle_pro.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
4f598cbac807f873d0d48a932391c8fe2ba795ac9a4102eabe6e0183cc12dbc4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"bde-59dd422addb00"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
3038
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 05 Feb 2020 13:28:44 GMT
server
Apache
img_pro01.png
www.refa.net/images/index02/ 		92 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_pro01.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
524ee1e948aa16b1ffb35f80197d77a28d4a4709cdf17a24fc9c64353ba05766
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"170b3-61bc6fea58980"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
94387
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 26 Jun 2024 08:42:30 GMT
server
Apache
img_pro_more.png
www.refa.net/images/index02/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_pro_more.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
3cb1d3b6a02a855c49562ee15c08f18cd35d00c2edc0f4931d84abcdd76b78d8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"4b1-59dd422cc5f80"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1201
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 05 Feb 2020 13:28:46 GMT
server
Apache
img_pro02.png
www.refa.net/images/index02/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_pro02.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
0e4f4ca9a9984bb66c83a3960717bf3a159ccd187c50f0454c1edc13e2f32c92
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"16155-61b11b5c14480"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
90453
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Mon, 17 Jun 2024 08:25:38 GMT
server
Apache
img_pro03.png
www.refa.net/images/index02/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_pro03.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
0ba48dccf406bd820e3d57ae7f8ef8d9cb1297b831a842eed939312473b77fe9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"692f-61ed6b8834e78"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
26927
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Sun, 04 Aug 2024 07:43:47 GMT
server
Apache
img_pro04.png
www.refa.net/images/index02/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_pro04.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
665b7fa7318542e8161416bb89e4ff95b319f8fd758f7d6dff19e7154d9eb51c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"15b05-61b11b5c14480"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
88837
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Mon, 17 Jun 2024 08:25:38 GMT
server
Apache
img_pro05.png
www.refa.net/images/index02/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_pro05.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
50c917f3539f19ccf47be4cba7a89195fe163b6e75be2004bd6bbad3c5c29c48
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"6daa-61ed6b8852339"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
28074
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Sun, 04 Aug 2024 07:43:47 GMT
server
Apache
img_pro06.png
www.refa.net/images/index02/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_pro06.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
f693f116ace8ff34b15f0c907bd75a41d85a9dc2d1b2de39aeba00460624f8ed
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"c99d-61b11b5c14480"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
51613
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Mon, 17 Jun 2024 08:25:38 GMT
server
Apache
img_title_about.png
www.refa.net/images/index02/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_title_about.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
44070a7cb5d5c616e215b0cc03ba5fe0c8185716f7efb4c6b7f7e6e3cfd93aae
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"2e64-59dd422eae400"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
11876
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 05 Feb 2020 13:28:48 GMT
server
Apache
img_mtitle_about.png
www.refa.net/images/index02/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_mtitle_about.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ad595d2bcb4a29c72749ff607de9852c23e4f80ef11b6dca780a21d5e8f65cea
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"c84-59dd422addb00"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
3204
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 05 Feb 2020 13:28:44 GMT
server
Apache
img_about_sp.png
www.refa.net/images/index02/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_about_sp.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
845b9a0b4351439241ee717d7d4c8aa54299fb5ef5abb23a4daae3f622469afe
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"4ec4-6113cbda9dd80"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
20164
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Tue, 13 Feb 2024 05:33:58 GMT
server
Apache
img_about_pc.png
www.refa.net/images/index02/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_about_pc.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ba485578d0039123c373e049537654a4463ec6539a5e150d1f33f447f9713dd9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"92c-6092520714cc0"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
2348
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Thu, 02 Nov 2023 06:02:03 GMT
server
Apache
img_title_stores.png
www.refa.net/images/index02/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_title_stores.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
47a1c22451364f6ae69bcc5fc506001e077c923b7b60e02d8715078457d45e98
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"1920-59dd422eae400"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
6432
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 05 Feb 2020 13:28:48 GMT
server
Apache
img_stores.png
www.refa.net/images/index02/ 		101 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_stores.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ff25a3558bfc76f1e6aecb41b5063f2c6c02d79d5a7f93c2703474dd7ffdb229
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"1923f-61ed6b1dab900"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
102975
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Sun, 04 Aug 2024 07:41:56 GMT
server
Apache
img_mtitle_stores.png
www.refa.net/images/index02/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_mtitle_stores.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
d2d19470c6e6582fa8077412c42c7ae1b80aa298b80b97fb4eb4ec8b46ff7c75
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"9c7-59dd422addb00"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
2503
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 05 Feb 2020 13:28:44 GMT
server
Apache
btn-pagetop.png
www.refa.net/images/common/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/common/btn-pagetop.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
c38aa8e3a4697d31196a6ccdaa5959b8ded88268dec8b7b4556443d4b31f51e4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"a32-59dd426f87d00"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
2610
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 05 Feb 2020 13:29:56 GMT
server
Apache
bnr-shop-sp.jpg
www.refa.net/images/bnr/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/bnr/bnr-shop-sp.jpg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
440c00dc7b522ef7e41675fe03f07e21882d878294ffe6811bde503fdcb9afc4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"439a-56ad2c1ffda80"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
17306
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Fri, 27 Apr 2018 11:25:14 GMT
server
Apache
bnr-shop-pc.jpg
www.refa.net/images/bnr/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/bnr/bnr-shop-pc.jpg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
9c7413f69684c3785ee0c59fde2a95c90ad749a0b71ed32d96e972be34bab627
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"8c4d-59f9ee351eec0"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
35917
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Fri, 28 Feb 2020 08:47:31 GMT
server
Apache
icon-sns-instagram.svg
www.refa.net/images/common/ 		1 KB
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/common/icon-sns-instagram.svg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
55f536d57e399a63e080c49d01c4f40735659098956fda72af1f8b592cc3688e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"490-56ad2c1ffda80-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
587
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/svg+xml
last-modified
Fri, 27 Apr 2018 11:25:14 GMT
server
Apache
vary
Accept-Encoding
icon-sns-facebook.svg
www.refa.net/images/common/ 		366 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/common/icon-sns-facebook.svg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
db7749bf28c50f07a15842bfe0d9a95fc6865c9d716ea99e27f581a5fe56f208
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"16e-56ad2c1ffda80-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
246
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/svg+xml
last-modified
Fri, 27 Apr 2018 11:25:14 GMT
server
Apache
vary
Accept-Encoding
logo_mtg.svg
www.refa.net/images/common/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/common/logo_mtg.svg
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
0e0af92009f1fe0ff4d7e2a5a3629e7c4609ba49e27b8a9778137e48f9790fc5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"75e-56b2f991cf500-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
741
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/svg+xml
last-modified
Wed, 02 May 2018 02:11:00 GMT
server
Apache
vary
Accept-Encoding
notosansjapanese.css
fonts.googleapis.com/earlyaccess/ 		3 KB
455 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/earlyaccess/notosansjapanese.css
Requested by
Host: www.refa.net
URL: https://www.refa.net/css/common.css?v=190920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
28b2daaba34cf81a2cfcc1387f8b643970b99217d4bf38d81998f1881728d250
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
private, max-age=86400
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
content-encoding
gzip
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 25 Apr 2025 09:59:52 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
0
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
mtg.css
www.refa.net/css/ 		1 KB
773 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/css/mtg.css
Requested by
Host: www.refa.net
URL: https://www.refa.net/css/common.css?v=190920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
23b168d37d67d881829975f86b7c730f893a51cf337b0700cee1283c8c1d62d7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/css/common.css?v=190920

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"40a-5ec89406b45c0-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
437
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Thu, 03 Nov 2022 04:18:39 GMT
server
Apache
vary
Accept-Encoding
css
fonts.googleapis.com/ 		2 KB
994 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display
Requested by
Host: www.refa.net
URL: https://www.refa.net/css/common.css?v=190920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
415a145bd4c7403ac624e017365aab54cc22d70431d4c81d2f31d2bc89023d16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Fri, 25 Apr 2025 09:59:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 09:59:52 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Fri, 25 Apr 2025 09:59:09 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
howto.css
www.refa.net/css/ 		1 KB
783 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/css/howto.css
Requested by
Host: www.refa.net
URL: https://www.refa.net/css/common.css?v=190920
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
7e502c6085eb961bec751d36ee86be53ae7b90e0e716d0acefc1c4525abf4388
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/css/common.css?v=190920

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"44e-5bda246c1a240-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
448
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Tue, 16 Mar 2021 07:25:53 GMT
server
Apache
vary
Accept-Encoding
style_sp.css
www.refa.net/css/ 		77 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/css/style_sp.css
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
de4f47c8c2395815559148bdb19dec5d4eb84e130e4639e00d915a82eb4680b4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"13438-6301d711baebd-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
9986
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Wed, 12 Mar 2025 04:14:30 GMT
server
Apache
vary
Accept-Encoding
style_tab.css
www.refa.net/css/ 		86 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/css/style_tab.css
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
c1f35a05b78d4d581914533d507f1abd3bf7351f7ff41f5f0d388d54e1bf5fb6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"159a1-5ee955e0cfac0-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
11304
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Tue, 29 Nov 2022 05:36:19 GMT
server
Apache
vary
Accept-Encoding
index_sp.css
www.refa.net/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/css/index_sp.css
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
b730ea5162b85026d63b361b95025dc8766e58db7dcae31a8cc4ce1025bfae3a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"2b91-6117b5d865c00-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
2633
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
text/css
last-modified
Fri, 16 Feb 2024 08:16:48 GMT
server
Apache
vary
Accept-Encoding
NotoSansJP-DemiLight.woff2
fonts.gstatic.com/ea/notosansjapanese/v6/ 		2 MB
2 MB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/ea/notosansjapanese/v6/NotoSansJP-DemiLight.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosansjapanese.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.25.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s13-in-f163.1e100.net
Software
sffe /
Resource Hash
7537cf619819feb34e2ac57dbca05ff1584047440ce0c8fcfdc5bcd719536177
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://www.refa.net
Referer
https://fonts.googleapis.com/

Response headers

age
103775
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 24 Apr 2026 05:10:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Apr 2025 05:10:17 GMT
last-modified
Tue, 22 Sep 2015 23:26:49 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
1618068
x-xss-protection
0
server
sffe
jquery.cookie.js
www.refa.net/js/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/js/jquery.cookie.js?_=1745575192904
Requested by
Host: www.refa.net
URL: https://www.refa.net/js/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
96dccaa929e6a14f0f439d8597777a97b22720516942d36fc625ae11e85c3ada
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.refa.net/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"cb4-53ec84d6e2a40-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1407
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Fri, 14 Oct 2016 00:28:17 GMT
server
Apache
vary
Accept-Encoding
gtm.js
www.googletagmanager.com/ 		437 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
45e8db73421fb994f6a669e030bd592088deef4c704e151b72481556619aa5df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1310:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1310:0"}],}
expires
Fri, 25 Apr 2025 09:59:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 25 Apr 2025 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1310:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1310:0
content-length
143539
x-xss-protection
0
server
Google Tag Manager
tag.js
s.yjtag.jp/ 		0
342 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yjtag.jp/tag.js
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.24.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
DragonStorage /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

etag
"d41d8cd98f00b204e9800998ecf8427e"
age
9827
ats-carp-promotion
1
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
x-amz-request-id
7f267151-0548-4e9b-978c-842c96300424
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges
bytes
content-length
0
date
Fri, 25 Apr 2025 07:16:05 GMT
content-type
application/javascript
last-modified
Fri, 28 Jun 2024 04:51:18 GMT
server
DragonStorage
img_redbtn.png
www.refa.net/images/index02/ 		481 B
779 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_redbtn.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/css/index_pc.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
dcd2068d1d0e40a42043d396e3d60b1437f144965f57a1365dba3901a5c7d81d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/css/index_pc.css

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"1e1-59dd422cc5f80"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
481
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 05 Feb 2020 13:28:46 GMT
server
Apache
movie_play.png
www.refa.net/images/index02/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/movie_play.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/special/movie/css/movie.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
fc4969afcf1d9804f4f899a6f975b31bfb66408bc7fd43404c6172dc5f79994e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/special/movie/css/movie.css

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"31df-6115283e3d180"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
12767
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 14 Feb 2024 07:32:38 GMT
server
Apache
movie_arr.png
www.refa.net/images/index02/ 		642 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/movie_arr.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/special/movie/css/movie.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
0fe30326ace35e058a501d3a301a7930c82fd9fce3231478452f14fa2237403d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/special/movie/css/movie.css

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"282-6115283e3d180"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
642
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 14 Feb 2024 07:32:38 GMT
server
Apache
img_bg_pc.png
www.refa.net/images/index02/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/img_bg_pc.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/css/index_pc.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
112512dba86709f5330c91fbfce0b75fbbce56cdb5f25e7ccce6d5ba6b150519
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/css/index_pc.css

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"49cf-61ed6b8673ae8"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
18895
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Sun, 04 Aug 2024 07:43:45 GMT
server
Apache
ProximaNova-Regular.otf
www.refa.net/css/font/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/css/font/ProximaNova-Regular.otf
Requested by
Host: www.refa.net
URL: https://www.refa.net/css/index_pc.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://www.refa.net
Referer
https://www.refa.net/css/index_pc.css

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
x-content-type-options
nosniff
accept-ranges
bytes
content-length
2602
date
Fri, 25 Apr 2025 09:59:52 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Apache
NotoSansJP-Regular.woff2
fonts.gstatic.com/ea/notosansjapanese/v6/ 		2 MB
2 MB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/ea/notosansjapanese/v6/NotoSansJP-Regular.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosansjapanese.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.25.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s13-in-f163.1e100.net
Software
sffe /
Resource Hash
5fe36ac41d735e262ed03dfa258ad1c09ae6e73420f494e7c98380f3cdd133d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://www.refa.net
Referer
https://fonts.googleapis.com/

Response headers

age
102446
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 24 Apr 2026 05:32:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Apr 2025 05:32:26 GMT
last-modified
Tue, 22 Sep 2015 23:26:49 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
1631896
x-xss-protection
0
server
sffe
NotoSansJP-Bold.woff2
fonts.gstatic.com/ea/notosansjapanese/v6/ 		2 MB
2 MB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/ea/notosansjapanese/v6/NotoSansJP-Bold.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/earlyaccess/notosansjapanese.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.25.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s13-in-f163.1e100.net
Software
sffe /
Resource Hash
0096d793dbff0842ac166ca51051e699d149e88ded75cef3b6de664f9b7721ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Origin
https://www.refa.net
Referer
https://fonts.googleapis.com/

Response headers

age
103451
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 24 Apr 2026 05:15:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Apr 2025 05:15:41 GMT
last-modified
Tue, 22 Sep 2015 23:26:49 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
1711168
x-xss-protection
0
server
sffe
arrow-L.png
www.refa.net/images/index02/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/arrow-L.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/css/index_pc.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
be2bce89bb5f2723be6c2a7815ac1723ad50487538967bd9e3bf760333e3bcad
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/css/index_pc.css

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"5a5-59dd42233c900"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1445
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 05 Feb 2020 13:28:36 GMT
server
Apache
arrow-R.png
www.refa.net/images/index02/ 		570 B
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.refa.net/images/index02/arrow-R.png
Requested by
Host: www.refa.net
URL: https://www.refa.net/css/index_pc.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ab32d76d64ab36478d657f01c5e77e6526c8a6099c364aa0ecd7124621d41fdf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/css/index_pc.css

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"23a-59dd42233c900"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
570
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
image/png
last-modified
Wed, 05 Feb 2020 13:28:36 GMT
server
Apache
top.js
www.refa.net/js/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/js/top.js?_=1745575192905
Requested by
Host: www.refa.net
URL: https://www.refa.net/js/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
ae5e551805001afa84d27b1400bb18071c12d9829345febb9357d54fb544265e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.refa.net/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
content-encoding
gzip
etag
"2153-581371e97c300-gzip"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
1965
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
1; mode=block
content-type
application/javascript
last-modified
Wed, 06 Feb 2019 10:23:40 GMT
server
Apache
vary
Accept-Encoding
collect
www.google.com/ccm/ 		0
0 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.refa.net%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=631786688.1745575193&dt=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&auid=403049984.1745575193&navt=n&npa=0&gtm=45He54n0v77419047za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&tft=1745575193299&tfd=811&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers
js
www.googletagmanager.com/gtag/ 		375 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3QN5BHV6QK&l=dataLayer&cx=c&gtm=45He54n0v77419047za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c9b1c1cb32cf5171a2c1a753d8ca75532c8db4c987bc25b876283837c805eae2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
expires
Fri, 25 Apr 2025 09:59:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1068:0
content-length
126713
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
gzip
age
2976
report-to
{"group":"ascnsrsgac:225:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 25 Apr 2025 11:10:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 09:10:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:225:0
content-length
20994
server
Golfe2
ld.js
static.criteo.net/js/ld/ 		72 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::2e , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
2b1569f169809d69310a339774c908c2ee095d2d90ce5f1464d922ef02ac474e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"67fd7adf-11feb"
cross-origin-resource-policy
cross-origin
expires
Sat, 26 Apr 2025 09:59:53 GMT
access-control-allow-origin
*
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
text/javascript
last-modified
Mon, 14 Apr 2025 21:15:11 GMT
server
nginx
ytag.js
s.yimg.jp/images/listing/tool/cv/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.jp/images/listing/tool/cv/ytag.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.24.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
/
Resource Hash
5a9fc9a8f2f9175d67b30b0c5e2fd4bf0e1a89c3e7c26574c2d9be8d0728494b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
public, max-age=600
content-encoding
gzip
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
216
ats-carp-promotion
1
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length
11430
date
Fri, 25 Apr 2025 09:56:17 GMT
last-modified
Thu, 10 Apr 2025 06:13:01 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-ntap-sg-trace-id
c3eff3f3e578964e
segmentation.js
js.fout.jp/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.fout.jp/segmentation.js
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.42.117.131 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-42-117-131.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
28fbbe396672899343f5a40b8d32c33d863bb7d266cd3cca08291790677e9f52

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

Cache-Control
max-age=1667
Content-Encoding
gzip
ETag
"66c69d60-3240"
Connection
keep-alive
Expires
Fri, 25 Apr 2025 10:27:40 GMT
Accept-Ranges
bytes
P3P
CP="ADM NOI OUR"
Content-Length
2878
Date
Fri, 25 Apr 2025 09:59:53 GMT
Last-Modified
Thu, 22 Aug 2024 02:07:28 GMT
Content-Type
application/javascript
Server
nginx
Vary
Accept-Encoding
pixel.js
cd.ladsp.com/script/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cd.ladsp.com/script/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.30.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-30-90.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef71352e0a4b4b55774686c8bb9ad5783b33460c6dae197532b954f008379390

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
public, max-age=864000, immutable
etag
"ce6d701190191d9e53a73c451743d171"
age
1018774
via
1.1 93689531d487d213dcafb22a50d9b530.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1480
x-amz-cf-id
qRvpUdkKQtl7S4B1u41fVzIP1UY8V_PgJxKmuUITTJySyJ8GLmHigQ==
date
Sun, 13 Apr 2025 15:00:20 GMT
content-type
text/javascript
last-modified
Wed, 08 Jan 2020 07:33:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-P1
conversion.js
www.googleadservices.com/pagead/ 		62 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f2.1e100.net
Software
cafe /
Resource Hash
40f10ff64da9f0c2ef03317b611eee8fa8f181f7494cc4d0770fa476a8dd952d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
br
etag
6541549823418896178
x-content-type-options
nosniff
expires
Fri, 25 Apr 2025 09:59:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
22864
x-xss-protection
0
server
cafe
blade_track_jp.js
d-cache.microad.jp/js/ 		0
552 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d-cache.microad.jp/js/blade_track_jp.js
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
138.113.138.164 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
PWS/8.3.1.0.8 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

X-Px
ht PSrbdbOSA2kr101KIX
Cache-Control
max-age=604800
x-ws-request-id
680b5d19_PSrbdbOSA2kr101_39219-4766
ETag
"0"
Connection
keep-alive
Via
1.1 PSrbdbOSA2sj134:14 (W), 1.1 PSrbdbOSA2kr101:15 (W)
Expires
Thu, 15 May 2025 22:05:56 GMT
Accept-Ranges
bytes
Content-Length
0
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
Date
Fri, 25 Apr 2025 09:59:53 GMT
Content-Type
application/javascript
Last-Modified
Wed, 23 Jun 2021 05:11:22 GMT
Server
PWS/8.3.1.0.8
s_retargeting.js
b92.yahoo.co.jp/js/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b92.yahoo.co.jp/js/s_retargeting.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.24.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
DragonStorage /
Resource Hash
76f7ed1e950345347015644836dd7a02a7fbe5f31c6034c60b75f2d980bf965c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

etag
"ac76555ae1769b02dcd1baf78b45d21b"
age
200
x-content-type-options
nosniff
date
Fri, 25 Apr 2025 09:56:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Thu, 15 Feb 2024 01:51:14 GMT
x-frame-options
SAMEORIGIN
cache-control
public, max-age=600
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
cross-origin-resource-policy
cross-origin
x-amz-request-id
b9d26a5c-97e5-453b-b3a2-90d36c3b77cd
permissions-policy
unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
accept-ranges
bytes
content-length
7245
x-xss-protection
1;mode=block
server
DragonStorage
cmt.js
taj1.ebis.ne.jp/yFcxPY5G/ 		0
393 B 		Script
General
Check archive.org
Download Go to
Full URL
https://taj1.ebis.ne.jp/yFcxPY5G/cmt.js
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2828:2800:1e:513c:d3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
immutable, max-age=600, s-maxage=60, public
etag
"0-62e88ce30d280"
age
49
cross-origin-resource-policy
cross-origin
via
1.1 9dd35ba084a071771e7b94fc2bf7df88.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
0
x-amz-cf-id
I0759il1q8WBod-pyiPzJRq-1eW8fFGE5iQQ8CnT9BGdY_FitmWbow==
date
Fri, 25 Apr 2025 09:59:05 GMT
content-type
application/javascript
last-modified
Thu, 20 Feb 2025 01:29:30 GMT
server
Apache
x-amz-cf-pop
NRT57-P5
vary
Accept-Encoding
fbevents.js
connect.facebook.net/en_US/ 		271 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-nrt1.fbcdn.net
Software
/
Resource Hash
c9826309b452d120fd6d1cfc0cf457b923024f39d7098265a4c5e1e27d6a96e7
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *;script-src data: 'nonce-VroxIGRk' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob: *;script-src data: 'nonce-VroxIGRk' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4780, tp=9, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
FeFth3J88xi+V3Vzhxq6j9I1GkeHUXcFPIeYNp/vBsUXfXTyyQrpMQ3VlEORBuUN3p7zggOzHHAVcYzYQvmPbA==
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src 'self' blob: *;script-src 'nonce-VroxIGRk' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' data: https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
69961
x-xss-protection
0
origin-agent-cluster
?1
uwt.js
static.ads-twitter.com/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.148.157 Amsterdam, Netherlands, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ac89958fd75e99eba92cdb3f927cce205bd05c2c6ffe643c4bf52ca6558d61b3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"d980aaf9efaa780ff3fdc50fad42ffbd+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15921
date
Fri, 25 Apr 2025 09:59:53 GMT
x-tw-cdn
FT
last-modified
Mon, 21 Apr 2025 20:37:02 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kjyo7100066-IAD, cache-nrt-rjtt7900021-NRT
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/ 		280 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-774022946
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4be1b568e89c78457cc77e33a6177663089dd80cc47341f73a789fdd43d05e98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
expires
Fri, 25 Apr 2025 09:59:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 25 Apr 2025 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1068:0
content-length
102670
x-xss-protection
0
server
Google Tag Manager
conversion.js
s.yimg.jp/images/listing/tool/cv/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.jp/images/listing/tool/cv/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.24.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
/
Resource Hash
9e3a9103c80346b1b39bea3de46f44a462b3f594fa45e7206252bc41d7e3e855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
public, max-age=600
content-encoding
gzip
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
age
127
ats-carp-promotion
1
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
content-length
2140
date
Fri, 25 Apr 2025 09:57:46 GMT
last-modified
Tue, 25 Jan 2022 16:25:04 GMT
content-type
application/javascript
vary
Accept-Encoding
x-ntap-sg-trace-id
a24751ef4e500d6a
lt.js
d.line-scdn.net/n/line_tag/public/release/v1/ 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.line-scdn.net/n/line_tag/public/release/v1/lt.js
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.192.193.157 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-192-193-157.deploy.static.akamaitechnologies.com
Software
VOS /
Resource Hash
589dc9e3526bc771a26cd4f2f0e33785d14e061b9ecce3535065d9cd5c43e0af
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
gzip
x-amz-version-id
DDDdZAClWUeAh-dY1m-8pU.uZtP5Isp
etag
"deb60f5d7ffaa8b1111afb925dd163de"
expires
Fri, 02 May 2025 01:37:21 GMT
x-rgw-object-type
Normal
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
application/javascript
last-modified
Wed, 02 Apr 2025 01:34:14 GMT
x-amz-expiration
expiry-date="Mon, 02 Jun 2025 00:00:00 GMT", rule-id="bucket_lifecycle"
vary
Accept-Encoding
strict-transport-security
max-age=15768000
cache-control
max-age=574648
x-amz-request-id
tx0000001f041e3012a7841-0067ec94f4-18549c78-jp2
accept-ranges
bytes
content-length
9897
server
VOS
js
www.googletagmanager.com/gtag/ 		280 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-774025335
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec21fdac71d754a68b5e19acf07442f1ca7f666483f5d83eb63e41be683d9b0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
expires
Fri, 25 Apr 2025 09:59:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 25 Apr 2025 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1068:0
content-length
102779
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		312 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-774046165
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1b45a8c68b845d10350545325cd3c14fd09a777a7510b4026d070cfaf0ac2329
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
expires
Fri, 25 Apr 2025 09:59:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 25 Apr 2025 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1068:0
content-length
111462
x-xss-protection
0
server
Google Tag Manager
pixel2.js
cd.ladsp.com/script/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cd.ladsp.com/script/pixel2.js
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.30.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-30-90.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2caf72ed04f9de90d7ecb5fa23f95de7a1f977b19dfbb4bbe6e92765fe581b3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
public, max-age=864000, immutable
content-encoding
gzip
etag
"1865a48add09346bb849f814b9bb46e6"
age
1319321
via
1.1 93689531d487d213dcafb22a50d9b530.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
2638
x-amz-cf-id
1TgtqchXtdTZYmzOJFAaE-K96O5D8_aNhc90Cph-TMYKvwdi272oXA==
date
Thu, 10 Apr 2025 03:31:13 GMT
content-type
text/javascript
last-modified
Thu, 05 Dec 2024 02:03:50 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-P1
x-amz-server-side-encryption
AES256
utag.js
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b5:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca85d4a417a32bf646e74f6ddfd068a95dfafb72ade0b4200ce718f963f318dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

vary
accept-encoding
cache-control
max-age=300
content-encoding
br
etag
W/"2da323be064abb2d32f849afa0b3d22d"
x-amz-version-id
LrdUEohat9mYKLmhyc1xdIJr6yAxuJT9
age
212
via
1.1 4e7052e46faeb95a21d50beb61d85236.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
-Be-J3ppDmj8ll4dTyGW-8FA1rdm8y42smJqSCQwUTPotIEafDgOrQ==
date
Fri, 25 Apr 2025 09:59:07 GMT
content-type
application/javascript
last-modified
Wed, 02 Apr 2025 09:05:45 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
x-amz-server-side-encryption
AES256
sw_iframe.html
www.googletagmanager.com/static/service_worker/54l0/ Frame 7BE7 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/static/service_worker/54l0/sw_iframe.html?origin=https%3A%2F%2Fwww.refa.net
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:825::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d36b373b44b77f016e4b7df913ba2da2a8025456f016bc794861f210c0e3ada3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
68575
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1482
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Apr 2025 14:56:58 GMT
expires
Fri, 24 Apr 2026 14:56:58 GMT
last-modified
Mon, 21 Apr 2025 09:28:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cnt
cnt.fout.jp/15861/ 		43 B
634 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cnt.fout.jp/15861/cnt?id=15861&url=https%3A%2F%2Fwww.refa.net%2F&rurl=&siteid=&segid=&price=&dat=&params=&encoding=&bc=1&eids=&cachebuster=4270088568808
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
202.232.238.39 Nishikichō, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

Transfer-Encoding
chunked
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
P3P
CP="ADM NOI OUR"
Date
Fri, 25 Apr 2025 09:59:53 GMT
Content-Type
image/gif
Server
nginx
syncframe
gum.criteo.com/ Frame A36F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.refa.net&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
95a6465b4150259acc5301f8bb35c3d4b453db3eb366ee8d8571c7f52fb2f9b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.refa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 25 Apr 2025 09:59:52 GMT
server
Kestrel
server-processing-duration-in-ticks
256691
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
adsct
t.co/i/ 		43 B
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&dv=Asia%2FTokyo%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2612%2624%261600%261200%260%26na&eci=2&event_id=de73f3ac-2dd0-4b11-a6f3-b2554a5cedc6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bfc7d884-b215-439d-9bcc-c7a12fec4092&tw_document_href=https%3A%2F%2Fwww.refa.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1pfx&type=javascript&version=2.3.32
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.66.0.227 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_p /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=0
x-transaction-id
db95c07b4e8588d5
cache-control
no-cache, no-store, max-age=0
x-connection-hash
a5090098bfe79bee5003f95d66bcf2520c99e3e8dc9055a50389672aa1ec41b2
cf-cache-status
DYNAMIC
cf-ray
935cfd7f7c25eb99-NRT
x-response-time
6
content-length
43
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_p
adsct
analytics.twitter.com/i/ 		43 B
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&dv=Asia%2FTokyo%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2612%2624%261600%261200%260%26na&eci=2&event_id=de73f3ac-2dd0-4b11-a6f3-b2554a5cedc6&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=bfc7d884-b215-439d-9bcc-c7a12fec4092&tw_document_href=https%3A%2F%2Fwww.refa.net%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1pfx&type=javascript&version=2.3.32
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_p /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
0a61b60bb352cb15
cache-control
no-cache, no-store, max-age=0
x-connection-hash
c68879d3929fa05b6ec78dfda92a7245f59d2cf61597ae72193b9f0039e1d349
cf-cache-status
DYNAMIC
cf-ray
935cfd7f9e34fd43-NRT
x-response-time
5
content-length
43
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_p
collect
www.google-analytics.com/j/ 		3 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=942788264&t=pageview&_s=1&dl=https%3A%2F%2Fwww.refa.net%2F&ul=ja-jp&de=UTF-8&dt=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94%E7%BE%8E%E5%AE%B9%E3%83%BB%E7%BE%8E%E5%AE%B9%E3%83%89%E3%83%AA%E3%83%B3%E3%82%AF%E3%83%BB%E7%82%AD%E9%85%B8%E7%BE%8E%E5%AE%B9%E3%83%BB%E3%82%B9%E3%82%AD%E3%83%B3%E3%82%B1%E3%82%A2%E3%83%BB%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B2%E3%83%B3%E3%83%BB%E3%83%98%E3%83%83%E3%83%89%E3%82%B9%E3%83%91%E3%83%BB%E3%83%89%E3%83%A9%E3%82%A4%E3%83%A4%E3%83%BC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1302400412&gjid=2134517524&cid=1394870140.1745575193&tid=UA-66487979-1&_gid=1059188510.1745575193&_r=1&_slc=1&gtm=45He54n0n81WNK3637v77419047za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&z=1226340006
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.refa.net/

Response headers

report-to
{"group":"ascnsrsgac:175:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 09:59:53 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.refa.net
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsgac:175:0
content-length
3
server
Golfe2
tag.gif
tr.line.me/ 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.line.me/tag.gif?b_id=f239ac41-3785-4a0e-b2c2-4ce573983906&b_u=https%3A%2F%2Fwww.refa.net%2F&b_d=www.refa.net&b_p=%2F&b_t=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94%E7%BE%8E%E5%AE%B9%E3%83%BB%E7%BE%8E%E5%AE%B9%E3%83%89%E3%83%AA%E3%83%B3%E3%82%AF%E3%83%BB%E7%82%AD%E9%85%B8%E7%BE%8E%E5%AE%B9%E3%83%BB%E3%82%B9%E3%82%AD%E3%83%B3%E3%82%B1%E3%82%A2%E3%83%BB%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B2%E3%83%B3%E3%83%BB%E3%83%98%E3%83%83%E3%83%89%E3%82%B9%E3%83%91%E3%83%BB%E3%83%89%E3%83%A9%E3%82%A4%E3%83%A4%E3%83%BC&c_t=lap&t_id=a7e2460d-a29a-45c7-8599-3f8bc7761730&s_id=0abdf5f4-46e5589c&x4=100&e=pv&v=3.5.0&_t=1745575193451
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

Cache-Control
private, no-store, no-cache, must-revalidate
Content-Length
43
Date
Fri, 25 Apr 2025 09:59:53 GMT
Content-Type
image/gif
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
sid
mug.criteo.com/ Frame A36F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=refa.net&sn=ChromeSyncframe&so=undefined&topUrl=www.refa.net&topicsavail=1&fledgeavail=1
  • https://mug.criteo.com/sid?cpp=BWdECHwzWkg4V0JPV2ZVdU5mS3R0eG5qM1dhZlNCUEMyZXJkS1NtbnljcWdFcEFVemJvTlNkVHpXazl4OWU1a2Y0ck1HeElLR1ZNclJyMlYzY1VmN1JUaUh2RnZCQ2JjeXBScGlyMGpieTFYMUc4WG51K0RaeUVnNVN5VV...
425 B
991 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=BWdECHwzWkg4V0JPV2ZVdU5mS3R0eG5qM1dhZlNCUEMyZXJkS1NtbnljcWdFcEFVemJvTlNkVHpXazl4OWU1a2Y0ck1HeElLR1ZNclJyMlYzY1VmN1JUaUh2RnZCQ2JjeXBScGlyMGpieTFYMUc4WG51K0RaeUVnNVN5VVhJeVdqSkNWWmFPeWw4NnMwUDZ6bTBrMEIzcTYyT285VU9QdEN3STE4WEJrMEtkMkNabkNKMHBzdFZYd0ZlWVZsait1VlZVZmdpSWUzWlBha0Q4ejYzM1B6SS8rK1VHYzRSeFZHaUc4Wmk2ZzZLWjdvWnlLNFpROTJ4dDJ4S2pyUy9zTlRDTzdQR3hFV01rSkhIaDZydnY1RExLaG01NTBhalRrWDNUcjdSQ0Q4eWUzT2dpOD18&cppv=2
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e59ce1d3b38f496f56dfffa7388a4867facc9e7acae6bbbf22374fc3bf268e81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://gum.criteo.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1090653
expires
0
access-control-allow-origin
https://gum.criteo.com
date
Fri, 25 Apr 2025 09:59:52 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
location
https://mug.criteo.com/sid?cpp=BWdECHwzWkg4V0JPV2ZVdU5mS3R0eG5qM1dhZlNCUEMyZXJkS1NtbnljcWdFcEFVemJvTlNkVHpXazl4OWU1a2Y0ck1HeElLR1ZNclJyMlYzY1VmN1JUaUh2RnZCQ2JjeXBScGlyMGpieTFYMUc4WG51K0RaeUVnNVN5VVhJeVdqSkNWWmFPeWw4NnMwUDZ6bTBrMEIzcTYyT285VU9QdEN3STE4WEJrMEtkMkNabkNKMHBzdFZYd0ZlWVZsait1VlZVZmdpSWUzWlBha0Q4ejYzM1B6SS8rK1VHYzRSeFZHaUc4Wmk2ZzZLWjdvWnlLNFpROTJ4dDJ4S2pyUy9zTlRDTzdQR3hFV01rSkhIaDZydnY1RExLaG01NTBhalRrWDNUcjdSQ0Q4eWUzT2dpOD18&cppv=2
pragma
no-cache
server-processing-duration-in-ticks
265948
expires
0
content-length
0
date
Fri, 25 Apr 2025 09:59:53 GMT
server
Kestrel
2088394124800450
connect.facebook.net/signals/config/ 		67 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2088394124800450?v=2.9.199&r=stable&domain=www.refa.net&hme=53363064397d256bdf8f213dd9a9e18c291fc2ed691e4233e4a9e488f248f817&ex_m=73%2C128%2C113%2C117%2C64%2C5%2C106%2C72%2C18%2C100%2C92%2C53%2C57%2C182%2C203%2C210%2C206%2C207%2C209%2C31%2C107%2C55%2C80%2C208%2C177%2C180%2C204%2C205%2C190%2C139%2C43%2C195%2C192%2C193%2C36%2C152%2C17%2C52%2C199%2C198%2C141%2C20%2C42%2C1%2C45%2C68%2C69%2C70%2C74%2C96%2C19%2C16%2C99%2C95%2C94%2C114%2C54%2C116%2C41%2C115%2C32%2C97%2C28%2C178%2C181%2C149%2C13%2C14%2C15%2C7%2C8%2C27%2C24%2C25%2C60%2C65%2C67%2C78%2C56%2C105%2C108%2C29%2C79%2C11%2C9%2C83%2C50%2C23%2C110%2C109%2C111%2C102%2C12%2C22%2C3%2C40%2C77%2C21%2C161%2C89%2C135%2C49%2C48%2C101%2C76%2C0%2C98%2C59%2C87%2C35%2C30%2C85%2C86%2C91%2C39%2C6%2C93%2C84%2C46%2C34%2C37%2C90%2C4%2C88%2C248%2C175%2C126%2C164%2C157%2C2%2C38%2C66%2C44%2C112%2C47%2C82%2C71%2C118%2C63%2C62%2C33%2C103%2C61%2C58%2C51%2C81%2C75%2C26%2C104%2C10%2C119
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-nrt1.fbcdn.net
Software
/
Resource Hash
98efbc407dca2fcdee11a9225437041a5ab0314864fa91833707c16e0b164d84
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *;script-src data: 'nonce-jamsJ4r2' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob: *;script-src data: 'nonce-jamsJ4r2' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=84, mss=1232, tbw=79556, tp=74, tpl=0, uplat=207, ullat=0
pragma
public
x-fb-debug
T3OOujyIJoHRW59BX/rkT7bfK9BW6nzZqEUyT37GEfgIB9hFSue9IB7gfwdSfB1/wmP9VlkIXt58zV+xTuDqWw==
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src 'self' blob: *;script-src 'nonce-jamsJ4r2' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' data: https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
pixel
px.ladsp.com/
Redirect Chain
  • https://px.ladsp.com/pixel?advertiser_id=00010701&su=2&site_url=https%3A%2F%2Fwww.refa.net%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInB...
  • https://px.ladsp.com/pixel?cr=true&advertiser_id=00010701&su=2&site_url=https%3A%2F%2Fwww.refa.net%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI...
747 B
882 B 		Script
General
Check archive.org
Download Go to
Full URL
https://px.ladsp.com/pixel?cr=true&advertiser_id=00010701&su=2&site_url=https%3A%2F%2Fwww.refa.net%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Server
18.182.218.121 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-218-121.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
1f7152bc9870d2705720dfb9a005bb9b85872aa2871841e2290d8d6f3d103a3e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

expires
-1
cache-control
private, no-store, no-cache, must-revalidate
content-encoding
gzip
date
Fri, 25 Apr 2025 09:59:53 GMT
pragma
no-cache
content-type
text/javascript;charset=utf-8
vary
accept-encoding

Redirect headers

expires
-1
cache-control
private, no-store, no-cache, must-revalidate
location
https://px.ladsp.com/pixel?cr=true&advertiser_id=00010701&su=2&site_url=https%3A%2F%2Fwww.refa.net%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119
content-length
0
date
Fri, 25 Apr 2025 09:59:53 GMT
pragma
no-cache
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/953126323/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/953126323/?random=1745575193519&cv=9&fst=1745575193519&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838%2C658953496&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=ecomm_prodid%3DREPLACE_WITH_VALUE%3Becomm_pagetype%3DREPLACE_WITH_VALUE%3Becomm_totalvalue%3DREPLACE_WITH_VALUE&frm=0&url=https%3A%2F%2Fwww.refa.net%2F&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
c8f2557c758747b429fcebe664c3a0a0d1f6708f25ae204b163b8aa741167e37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2000
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/774022946/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/774022946/?random=1745575193541&cv=11&fst=1745575193541&bg=ffffff&guid=ON&async=1&gtm=45be54n0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509156~102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-774022946
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
0513bdc4727d279aec2e447d48a89d02cd1c53f8c26fc5079c781bb78022ecba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
1985
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
774022946
td.doubleclick.net/td/rul/ Frame 5D1D 		13 B
523 B 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/774022946?random=1745575193541&cv=11&fst=1745575193541&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509156~102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-774022946
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Apr 2025 09:59:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
conversion_async.js
b97.yahoo.co.jp/pagead/ 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b97.yahoo.co.jp/pagead/conversion_async.js
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/conversion.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
182.22.30.204 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
cafe /
Resource Hash
521ffb719d3a151ff80f1d59ffa16a6fbf3c128828cbd66c717ae0c3f73758b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

Content-Encoding
br
ETag
2076975532811082731
Age
0
X-Content-Type-Options
nosniff
Expires
Fri, 25 Apr 2025 09:59:53 GMT
Date
Fri, 25 Apr 2025 09:59:53 GMT
Content-Type
text/javascript; charset=UTF-8
Content-Disposition
attachment; filename="f.txt"
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Permissions-Policy
unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
X-XSS-Protection
0
Server
cafe
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/774025335/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/774025335/?random=1745575193578&cv=11&fst=1745575193578&bg=ffffff&guid=ON&async=1&gtm=45be54n0h1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509156~102887800~103051953~103071290~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-774025335
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
af379f303873ed7dde6be5cc2d826b8dcf7686d33474ce0acbe7d8fc310e3bfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
1990
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
774025335
td.doubleclick.net/td/rul/ Frame 20EE 		13 B
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/774025335?random=1745575193578&cv=11&fst=1745575193578&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0h1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509156~102887800~103051953~103071290~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-774025335
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Apr 2025 09:59:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
am.yahoo.co.jp/rt/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://am.yahoo.co.jp/rt/?p=UHWDCG97KB&label=&ref=https%3A%2F%2Fwww.refa.net%2F&rref=&pt=&item=&cat=&price=&quantity=&r=1745575193.9082785&pvid=0oa7aigyucbm9wmefg7&su=b6c26d55-9252-4708-9124-7350a7aa2515&_impl=prev
Requested by
Host: b92.yahoo.co.jp
URL: https://b92.yahoo.co.jp/js/s_retargeting.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
183.79.48.249 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

access-control-expose-headers
X-Z-Burls
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
text/javascript; charset=utf-8
vary
Origin
x-frame-options
SAMEORIGIN
cache-control
no-store, no-cache, max-age=0, must-revalidate, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*, unload=()
access-control-allow-origin
https://www.refa.net
content-length
0
x-xss-protection
1; mode=block
destination
www.googletagmanager.com/gtag/ 		281 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-10707063&l=dataLayer&cx=c&gtm=45je54n0v889117918za200zb77419047&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3QN5BHV6QK&l=dataLayer&cx=c&gtm=45He54n0v77419047za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.168 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
1ede3b0161b1ba4f2e43774edde9c75ab2eb1335ca4b32a1b12be4efbddbcc25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
br
report-to
{"group":"ascgcysghrgc:42:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Fri, 25 Apr 2025 09:59:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 25 Apr 2025 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcysghrgc:42:0
content-length
101247
x-xss-protection
0
server
Google Tag Manager
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3QN5BHV6QK&gtm=45je54n0v889117918z877419047za200zb77419047&_p=1745575192921&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&cid=1394870140.1745575193&ul=ja-jp&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1745575193&sct=1&seg=0&dl=https%3A%2F%2Fwww.refa.net%2F&dt=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94%E7%BE%8E%E5%AE%B9%E3%83%BB%E7%BE%8E%E5%AE%B9%E3%83%89%E3%83%AA%E3%83%B3%E3%82%AF%E3%83%BB%E7%82%AD%E9%85%B8%E7%BE%8E%E5%AE%B9%E3%83%BB%E3%82%B9%E3%82%AD%E3%83%B3%E3%82%B1%E3%82%A2%E3%83%BB%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B2%E3%83%B3%E3%83%BB%E3%83%98%E3%83%83%E3%83%89%E3%82%B9%E3%83%91%E3%83%BB%E3%83%89%E3%83%A9%E3%82%A4%E3%83%A4%E3%83%BC&en=page_view&_fv=1&_ss=1&tfd=1177
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3QN5BHV6QK&l=dataLayer&cx=c&gtm=45He54n0v77419047za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:97:0
report-to
{"group":"ascnsrsggc:97:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:97:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.refa.net
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:97:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
555 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-3QN5BHV6QK&cid=1394870140.1745575193&gtm=45je54n0v889117918z877419047za200zb77419047&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3QN5BHV6QK&l=dataLayer&cx=c&gtm=45He54n0v77419047za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c05::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:122:0
report-to
{"group":"ascnsrsggc:122:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:122:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.refa.net
cross-origin-opener-policy-report-only
same-origin; report-to=ascnsrsggc:122:0
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
text/plain
server
Golfe2
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/774046165/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/774046165/?random=1745575193684&cv=11&fst=1745575193684&bg=ffffff&guid=ON&async=1&gtm=45be54n0v881674415za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-774046165
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
2e9f5a116eae6e176b7ede6a13854738425da3b6876fcc0cd0f1e0737c5686e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2000
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
774046165
td.doubleclick.net/td/rul/ Frame D6CA 		13 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/774046165?random=1745575193684&cv=11&fst=1745575193684&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0v881674415za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-774046165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Apr 2025 09:59:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
event
sslwidget.criteo.com/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sslwidget.criteo.com/event?a=24259&v=5.37.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&bundle=6uPfH19NRHZwMDZZOU5UdnVBZ1dpbzBxZTdLa1R1d0dqMjNwSXVyMTdHVWMlMkZHYUJSaW0lMkZYZ1d0WWRxTnhEVkFoTFZGMml0bWo5cHZKVGQ2QlZSZnUlMkJJRG9mUXZaMWhRQkFlajJwWUlpRTNmcGZrQ3FNQ21IR0xsaXN3RGxsR0NpTFpvWktBajhyQjhBZWFGYlpKVTlZVW9vVVElM0QlM0Q&tld=refa.net&fu=https%253A%252F%252Fwww.refa.net%252F&ceid=8c0c1376-b09a-40f8-8522-8b205a86c91b
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4394af2b7c2bc94714d93cb6632d654b9feb0919f169b01669ddbc70412a0e6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
7486007
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Fri, 25 Apr 2025 09:59:52 GMT
content-type
application/x-javascript
server
Kestrel
utag.1.js
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.1.js?utv=ut4.49.202210270538
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b5:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e1e55ca62eee0910dde7263a83c8689ab503fa39e55d469f087bd4da73aaa96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

vary
accept-encoding
cache-control
max-age=300
content-encoding
br
etag
W/"d480d49da00ea264ff93fd45ace10f43"
x-amz-version-id
RfY1fWBLVZ.fc2mtt6mmRSlixyfLaXjp
age
217
via
1.1 4e7052e46faeb95a21d50beb61d85236.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
9yqyub7iECME2DPAaSWeOgGPMxsc0DUGh7tjdWsr6QJobFhqooEZDA==
date
Fri, 25 Apr 2025 09:59:07 GMT
content-type
application/javascript
last-modified
Wed, 02 Apr 2025 09:05:45 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
x-amz-server-side-encryption
AES256
utag.2.js
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.2.js?utv=ut4.49.202210270538
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b5:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0a03387c46336ef65b37a33cac758afaddd1429bc3ea9c014cb135bb3b9aece8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

vary
accept-encoding
cache-control
max-age=300
content-encoding
br
etag
W/"01764906a2670e8a97abad87837b69e9"
x-amz-version-id
KN6.RLINQkyvVpj_2QPNhcTV2EIRw00C
age
238
via
1.1 4e7052e46faeb95a21d50beb61d85236.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
1wQzgunBdTIfEEOUoClEs5FE8j8sYGJcAN4YvipIzutsiQ_Wf9e7Sw==
date
Fri, 25 Apr 2025 09:59:07 GMT
content-type
application/javascript
last-modified
Wed, 02 Apr 2025 09:05:44 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
x-amz-server-side-encryption
AES256
utag.3.js
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.3.js?utv=ut4.49.202210270538
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b5:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b98a19365222891ff6bdd5d467a71e5bd25b0cba2ea3733392c6f52bcb44ebf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

vary
accept-encoding
cache-control
max-age=300
content-encoding
br
etag
W/"de5291e9dc164d3805645276aabc7fff"
x-amz-version-id
_AM4DJAmQ2vb.Dk_0v3UmHfm4kU4eUUa
age
238
via
1.1 4e7052e46faeb95a21d50beb61d85236.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
hSg5a_UmFPMhcfz73z68WqpInc84YwVP59zFUeAUXOo7nlvqn3uXUQ==
date
Fri, 25 Apr 2025 09:59:07 GMT
content-type
application/javascript
last-modified
Wed, 02 Apr 2025 09:05:44 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
x-amz-server-side-encryption
AES256
utag.4.js
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.4.js?utv=ut4.49.202210270538
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b5:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28011ea8e672ce692536247bea4fce0eda0eda3edb71daa474974b0d7a3c64d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

vary
accept-encoding
cache-control
max-age=300
content-encoding
br
etag
W/"de7b2f6ee9d63570aef9c61439371855"
x-amz-version-id
q35rtPC.YRxYiq_yXjo7UjKSeqB6m4ay
age
34
via
1.1 4e7052e46faeb95a21d50beb61d85236.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
xWn7j8auhMFnRVgbLY02Ye7PsKd1ePVgXOmQysBv0I4TCgtzqn6ZRQ==
date
Fri, 25 Apr 2025 09:59:47 GMT
content-type
application/javascript
last-modified
Wed, 02 Apr 2025 09:05:44 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
x-amz-server-side-encryption
AES256
utag.5.js
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.5.js?utv=ut4.49.202210270538
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b5:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01148624e9caa337843d91978293481f0c48c8d635e98aee2939b095a54ad2c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

vary
accept-encoding
cache-control
max-age=300
content-encoding
br
etag
W/"9924ab56ce90bd1e8a9b389bd27a4d47"
x-amz-version-id
6tLRg63P_FQKVtjlCnCh1itqQYvmdo88
age
26
via
1.1 4e7052e46faeb95a21d50beb61d85236.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
q8ZE2gns1YshKDd8MDr4jckr7iw7BBiK0NiAagPmUyt0lF4Q9qtqMg==
date
Fri, 25 Apr 2025 09:59:47 GMT
content-type
application/javascript
last-modified
Wed, 02 Apr 2025 09:05:43 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
x-amz-server-side-encryption
AES256
utag.6.js
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.6.js?utv=ut4.49.202210270538
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b5:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7bef66040637d065b8289d806d1460f78ec8a0fb462125cd554ce3f8ba333846

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

vary
accept-encoding
cache-control
max-age=300
content-encoding
br
etag
W/"9c8ae6de1b9d16602336716b560fa6e9"
x-amz-version-id
hVGI3leQ13SFajKW5TW1zpK2kPOl255j
age
26
via
1.1 4e7052e46faeb95a21d50beb61d85236.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
UWl8-gG9sVCERy_tK4JPsQE4uOBWqVw10NDvOBsWqffpRfp_h65ZqQ==
date
Fri, 25 Apr 2025 09:59:47 GMT
content-type
application/javascript
last-modified
Wed, 02 Apr 2025 09:05:45 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
x-amz-server-side-encryption
AES256
utag.7.js
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.7.js?utv=ut4.49.202210270538
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b5:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ebc6bfe7959d723e5a43241bd42371be02a7a7c0d922213b76e30d11f590a40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

vary
accept-encoding
cache-control
max-age=300
content-encoding
br
etag
W/"3cce4b40eecc5a3c030a6697487582cf"
x-amz-version-id
ub6FDs08tgMjqhtUrEL_gaU7nBoUhg2I
age
34
via
1.1 4e7052e46faeb95a21d50beb61d85236.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
uf4RXxmMjTG8GjGP6g075vAoyTzq3vbOp9Y758vTXTuog3-jmNi26A==
date
Fri, 25 Apr 2025 09:59:47 GMT
content-type
application/javascript
last-modified
Wed, 02 Apr 2025 09:05:44 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
x-amz-server-side-encryption
AES256
utag.8.js
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.8.js?utv=ut4.49.202305240135
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b5:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d2e494cce0cb67fe795c1b218d34a107a0ccb73a8cbd1f592ce15e77f806e348

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

vary
accept-encoding
cache-control
max-age=300
content-encoding
br
etag
W/"c7fc17fd8168583a88f56699ba15b4c2"
x-amz-version-id
gYxx2GYNbFs8O91.Vhtbszn9cG7zN4hR
age
34
via
1.1 4e7052e46faeb95a21d50beb61d85236.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
2eKDjQ06aoILL1d-cRNZPOG7SyMFp2Qea4gehAJ19EZ5aoEdpzO72A==
date
Fri, 25 Apr 2025 09:59:47 GMT
content-type
application/javascript
last-modified
Wed, 02 Apr 2025 09:05:43 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
x-amz-server-side-encryption
AES256
utag.9.js
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.9.js?utv=ut4.49.202402150104
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b5:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0d8fe227ec2e803f9c176208dc047140089b580a8722b4c17d64eece8eb41b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

vary
accept-encoding
cache-control
max-age=300
content-encoding
br
etag
W/"a542db9fd113d0c7dc1cc078e9fd1e2c"
x-amz-version-id
kLsk88hPJD37E.OY07gTn7bvn6vwIvGQ
age
26
via
1.1 4e7052e46faeb95a21d50beb61d85236.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
x4uQvg6nLnZySjBAD4ycABQSAb7s1zJEKnkfvqFum8NjZ9upo6Devg==
date
Fri, 25 Apr 2025 09:59:47 GMT
content-type
application/javascript
last-modified
Wed, 02 Apr 2025 09:05:43 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
x-amz-server-side-encryption
AES256
utag.14.js
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.14.js?utv=ut4.49.202502190645
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b5:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a2ce6cc85dfc81d5f8d383ff7ab1366eba6cc47cd90f1b13035474267d9e4aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

vary
accept-encoding
cache-control
max-age=300
content-encoding
br
etag
W/"ff043e36f32e418240462cba83dc0fae"
x-amz-version-id
JDmqoNFxLNfdD60KHjs8LA1H62Ct.XsO
age
210
via
1.1 4e7052e46faeb95a21d50beb61d85236.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
mZw0HTsfVk2MNIG40BvOKV4Q2bUYhrELo7sEKldb7lAqBNZsFkImSg==
date
Fri, 25 Apr 2025 09:59:07 GMT
content-type
application/javascript
last-modified
Wed, 02 Apr 2025 09:05:44 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
x-amz-server-side-encryption
AES256
utag.15.js
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.15.js?utv=ut4.49.202502190645
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b5:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8ccbeb009c06056c4feb3e7789e7ec84cd42760012c996b4b8c8aa139926850

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

vary
accept-encoding
cache-control
max-age=300
content-encoding
br
etag
W/"c6e50abc113567434d538e7a66981e30"
x-amz-version-id
sOjPaMPVOSzfPmp4LEpA6hxFFro2DWef
age
198
via
1.1 4e7052e46faeb95a21d50beb61d85236.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
cpC7NXahlsffzwwTygp32AyR0Zppm5Rkgp6PVLMf4VLudlvlNg0DXw==
date
Fri, 25 Apr 2025 09:59:07 GMT
content-type
application/javascript
last-modified
Wed, 02 Apr 2025 09:05:45 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
x-amz-server-side-encryption
AES256
utag.16.js
tags.tiqcdn.com/utag/mtg/refa-net/prod/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.16.js?utv=ut4.49.202503240218
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b5:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e3bcdd405be5082639213a43e713e0d6e8b801c37f6c0be7291f324b0853407

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

vary
accept-encoding
cache-control
max-age=300
content-encoding
br
etag
W/"1538cb74a97630fde23586d16752853a"
x-amz-version-id
dTg6XcRK65vR2gF28T5Dg5bZUS8H5M1M
age
198
via
1.1 4e7052e46faeb95a21d50beb61d85236.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
r3FrzUjQG-Ua5OY0RQLNXJb1NVMLZh9R4Dmza-Qc_CU7QTfyFwk-hw==
date
Fri, 25 Apr 2025 09:59:07 GMT
content-type
application/javascript
last-modified
Wed, 02 Apr 2025 09:05:44 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P7
x-amz-server-side-encryption
AES256
iframe
um.ladsp.com/match/ Frame 5279 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745575193618&svid=73
Requested by
Host: px.ladsp.com
URL: https://px.ladsp.com/pixel?advertiser_id=00010701&su=2&site_url=https%3A%2F%2Fwww.refa.net%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.164.121.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-164-121-106.nrt12.r.cloudfront.net
Software
/
Resource Hash
e501ea721e42ca4bc5f63e1696915101538f3db733bad0493b82e5a2d06c7f14

Request headers

Referer
https://www.refa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

cache-control
private, no-store, no-cache, must-revalidate
content-type
text/html;charset=utf-8
date
Fri, 25 Apr 2025 09:59:53 GMT
expires
-1
pragma
no-cache
via
1.1 87d82572a037b7679d915f1b3b88954e.cloudfront.net (CloudFront)
x-amz-cf-id
P1LzMSUj_-WhG4oEiFNVrVXJn_K1QwJY8foxl6RlP5Om8mCgi9gBkA==
x-amz-cf-pop
NRT12-P3
x-cache
Miss from cloudfront
getTopics2.html
cd.ladsp.com/html/ Frame 04BB 		640 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cd.ladsp.com/html/getTopics2.html?stu=mTxrsbcXjcbp0Lne4Pwl2g
Requested by
Host: px.ladsp.com
URL: https://px.ladsp.com/pixel?advertiser_id=00010701&su=2&site_url=https%3A%2F%2Fwww.refa.net%2F&sua=eyJhcmNoaXRlY3R1cmUiOiIiLCJiaXRuZXNzIjoiIiwibW9kZWwiOiIiLCJtb2JpbGUiOmZhbHNlLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsImZ1bGxWZXJzaW9uTGlzdCI6W119
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.30.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-30-90.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
67741fe2bd4e9b44e67da55f3fa7f2e039a908c89c3894fa0870e13c6a313e8f

Request headers

Referer
https://www.refa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2115181
cache-control
public, max-age=259200, immutable
content-length
640
content-type
text/html
date
Mon, 31 Mar 2025 22:26:53 GMT
etag
"ed608d6a6556d56a50143e8d720f3e7f"
last-modified
Tue, 08 Aug 2023 02:13:29 GMT
server
AmazonS3
via
1.1 238f87cf80263f9c43ff4cecc9810868.cloudfront.net (CloudFront)
x-amz-cf-id
0on_w3z9GixOm_Lb6Uyk7T6X7b7xUxIouNYDe8cKt9gSygvtYbzSIg==
x-amz-cf-pop
NRT20-P1
x-amz-meta-s3cmd-attrs
atime:1691460792/ctime:1691460792/gid:901/gname:logicad/md5:ed608d6a6556d56a50143e8d720f3e7f/mode:33204/mtime:1691460792/uid:901/uname:logicad
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
/
www.google.com/pagead/1p-user-list/953126323/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/953126323/?random=1745575193519&cv=9&fst=1745571600000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838%2C658953496&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=ecomm_prodid%3DREPLACE_WITH_VALUE%3Becomm_pagetype%3DREPLACE_WITH_VALUE%3Becomm_totalvalue%3DREPLACE_WITH_VALUE&frm=0&url=https%3A%2F%2Fwww.refa.net%2F&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzFXLHvLS9ES1frL511TR03-4Ymt1GxQ&random=1306568396&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/953126323/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/953126323/?random=1745575193519&cv=9&fst=1745571600000&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838%2C658953496&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&data=ecomm_prodid%3DREPLACE_WITH_VALUE%3Becomm_pagetype%3DREPLACE_WITH_VALUE%3Becomm_totalvalue%3DREPLACE_WITH_VALUE&frm=0&url=https%3A%2F%2Fwww.refa.net%2F&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzFXLHvLS9ES1frL511TR03-4Ymt1GxQ&random=1306568396&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.3 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/774022946/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/774022946/?random=1745575193541&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509156~102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzk-5auRBo5B00-lTJB0psjpIK8Bzcwg&random=1720368096&rmt_tld=0&ipr=y
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/774022946/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/774022946/?random=1745575193541&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509156~102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzk-5auRBo5B00-lTJB0psjpIK8Bzcwg&random=1720368096&rmt_tld=1&ipr=y
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.3 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
b97.yahoo.co.jp/pagead/conversion/1001047234/ 		42 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b97.yahoo.co.jp/pagead/conversion/1001047234/?random=1745575193746&cv=9&fst=1745575193746&num=1&fmt=3&guid=ON&disvt=false&eid=466465925&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.refa.net%2F&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
182.22.30.204 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

Age
0
X-Content-Type-Options
nosniff
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Date
Fri, 25 Apr 2025 09:59:53 GMT
Content-Type
image/gif
X-Frame-Options
SAMEORIGIN
Content-Security-Policy
script-src 'none'; object-src 'none'
Cache-Control
no-cache, no-store, must-revalidate
Timing-Allow-Origin
*
Pragma
no-cache
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Permissions-Policy
unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Content-Length
42
X-XSS-Protection
0
Server
cafe
/
www.google.com/pagead/1p-user-list/774025335/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/774025335/?random=1745575193578&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0h1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509156~102887800~103051953~103071290~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzkS6VOgPz0RkZKTW3WzDjaAvE7U88IA&random=1122515502&rmt_tld=0&ipr=y
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/774025335/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/774025335/?random=1745575193578&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0h1za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101509156~102887800~103051953~103071290~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDZpuyzkS6VOgPz0RkZKTW3WzDjaAvE7U88IA&random=1122515502&rmt_tld=1&ipr=y
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.3 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.facebook.com/privacy_sandbox/topics/registration/ 		67 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/privacy_sandbox/topics/registration/?id=2088394124800450
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/2088394124800450?v=2.9.199&r=stable&domain=www.refa.net&hme=53363064397d256bdf8f213dd9a9e18c291fc2ed691e4233e4a9e488f248f817&ex_m=73%2C128%2C113%2C117%2C64%2C5%2C106%2C72%2C18%2C100%2C92%2C53%2C57%2C182%2C203%2C210%2C206%2C207%2C209%2C31%2C107%2C55%2C80%2C208%2C177%2C180%2C204%2C205%2C190%2C139%2C43%2C195%2C192%2C193%2C36%2C152%2C17%2C52%2C199%2C198%2C141%2C20%2C42%2C1%2C45%2C68%2C69%2C70%2C74%2C96%2C19%2C16%2C99%2C95%2C94%2C114%2C54%2C116%2C41%2C115%2C32%2C97%2C28%2C178%2C181%2C149%2C13%2C14%2C15%2C7%2C8%2C27%2C24%2C25%2C60%2C65%2C67%2C78%2C56%2C105%2C108%2C29%2C79%2C11%2C9%2C83%2C50%2C23%2C110%2C109%2C111%2C102%2C12%2C22%2C3%2C40%2C77%2C21%2C161%2C89%2C135%2C49%2C48%2C101%2C76%2C0%2C98%2C59%2C87%2C35%2C30%2C85%2C86%2C91%2C39%2C6%2C93%2C84%2C46%2C34%2C37%2C90%2C4%2C88%2C248%2C175%2C126%2C164%2C157%2C2%2C38%2C66%2C44%2C112%2C47%2C82%2C71%2C118%2C63%2C62%2C33%2C103%2C61%2C58%2C51%2C81%2C75%2C26%2C104%2C10%2C119
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-nrt1.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-jfVxw9fi' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

access-control-expose-headers
X-FB-Debug, X-Loader-Length, X-Stack, Error-MID
content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7497188368092591162&cpp=C3&cv=1022232475&st=1745575193820"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
observe-browsing-topics
?1
expires
Sat, 01 Jan 2000 00:00:00 GMT
access-control-allow-methods
OPTIONS
alt-svc
h3=":443"; ma=86400
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
image/png
vary
Origin, Accept-Encoding
x-fb-debug
w8VHVQezl7uKjRNPUQpzq3Di4PF+Kzfk6M3nFQaISFl1UmIsfM8eO7Tb5hMOw0R5l8FcRHdwgdOZ8W4qP90lpw==
priority
u=1,i
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7497188368092591162&cpp=C3&cv=1022232475&st=1745575193820", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-jfVxw9fi' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=2, rtx=0, c=23, mss=1232, tbw=4810, tp=10, tpl=0, uplat=100, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
same-origin
access-control-allow-credentials
true
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
x-xss-protection
0
origin-agent-cluster
?1
980253745499760
connect.facebook.net/signals/config/ 		27 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/980253745499760?v=2.9.199&r=stable&domain=www.refa.net&hme=53363064397d256bdf8f213dd9a9e18c291fc2ed691e4233e4a9e488f248f817&ex_m=73%2C128%2C113%2C117%2C64%2C5%2C106%2C72%2C18%2C100%2C92%2C53%2C57%2C182%2C203%2C210%2C206%2C207%2C209%2C31%2C107%2C55%2C80%2C208%2C177%2C180%2C204%2C205%2C190%2C139%2C43%2C195%2C192%2C193%2C36%2C152%2C17%2C52%2C199%2C198%2C141%2C20%2C42%2C1%2C45%2C68%2C69%2C70%2C74%2C96%2C19%2C16%2C99%2C95%2C94%2C114%2C54%2C116%2C41%2C115%2C32%2C97%2C28%2C178%2C181%2C149%2C13%2C14%2C15%2C7%2C8%2C27%2C24%2C25%2C60%2C65%2C67%2C78%2C56%2C105%2C108%2C29%2C79%2C11%2C9%2C83%2C50%2C23%2C110%2C109%2C111%2C102%2C12%2C22%2C3%2C40%2C77%2C21%2C161%2C89%2C135%2C49%2C48%2C101%2C76%2C0%2C98%2C59%2C87%2C35%2C30%2C85%2C86%2C91%2C39%2C6%2C93%2C84%2C46%2C34%2C37%2C90%2C4%2C88%2C248%2C175%2C126%2C164%2C157%2C2%2C38%2C66%2C44%2C112%2C47%2C82%2C71%2C118%2C63%2C62%2C33%2C103%2C61%2C58%2C51%2C81%2C75%2C26%2C104%2C10%2C119%2C213%2C212%2C214%2C219%2C220%2C221%2C217%2C201%2C140%2C173%2C200%2C202%2C250%2C176%2C234%2C129%2C167%2C154%2C137%2C247%2C123%2C144%2C130%2C197%2C120%2C159%2C136
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-nrt1.fbcdn.net
Software
/
Resource Hash
6524d22393008fd154605775a1e22054c13b21967f6082f58de70d4cd8a97c77
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *;script-src data: 'nonce-RZ83YW23' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob: *;script-src data: 'nonce-RZ83YW23' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=97, mss=1232, tbw=95682, tp=93, tpl=0, uplat=213, ullat=0
pragma
public
x-fb-debug
bX4dy/Pd8GetMwG5Jf01BfD7XpIcYsqgRdcwlFQiMVyvW5lidMMoDZ+tGis/BXN3PvxtrHGPh86ewPv7cpEJYA==
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src 'self' blob: *;script-src 'nonce-RZ83YW23' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' data: https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2088394124800450&ev=PageView&dl=https%3A%2F%2Fwww.refa.net%2F&rl=&if=false&ts=1745575193757&sw=1600&sh=1200&v=2.9.199&r=stable&ec=0&o=12318&fbp=fb.1.1745575193756.78443584498391032&ler=empty&cdl=API_unavailable&it=1745575193478&coo=false&exp=k0&rqm=GET
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=23, mss=1232, tbw=4831, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2088394124800450&ev=PageView&dl=https%3A%2F%2Fwww.refa.net%2F&rl=&if=false&ts=1745575193757&sw=1600&sh=1200&v=2.9.199&r=stable&ec=0&o=12318&fbp=fb.1.1745575193756.78443584498391032&ler=empty&cdl=API_unavailable&it=1745575193478&coo=false&exp=k0&rqm=FGET
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-nrt1.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-nKlGhgeO' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7497188368324129877&cpp=C3&cv=1022232475&st=1745575193820"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
QD3e6SBuxCQ2CwvjmeuXoTfcDhK+QMB/IJva7LIC+jnylHQQzBzYfVs19V29GdzZrenr/VbJDK6W+KPeqowULQ==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7497188368324129877&cpp=C3&cv=1022232475&st=1745575193820", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-nKlGhgeO' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=24, mss=1232, tbw=5430, tp=17, tpl=0, uplat=249, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
destination
www.googletagmanager.com/gtag/ 		330 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-10974633921&l=dataLayer&cx=c&gtm=45He54n0v77419047za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.168 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2eac8bc3313ae675a3b18335252da61f6ab893696ead6272baf7d19e90b51bc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
br
report-to
{"group":"ascgcysghrgc:42:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Fri, 25 Apr 2025 09:59:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 25 Apr 2025 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcysghrgc:42:0
content-length
115593
x-xss-protection
0
server
Google Tag Manager
/
b99.yahoo.co.jp/pagead/conversion/1001260589/ 		42 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b99.yahoo.co.jp/pagead/conversion/1001260589/?random=1745575193770&cv=9&fst=1745575193770&num=1&fmt=3&guid=ON&disvt=false&eid=466465925%2C509562773%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.refa.net%2F&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
182.22.30.204 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

Age
0
X-Content-Type-Options
nosniff
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Date
Fri, 25 Apr 2025 09:59:53 GMT
Content-Type
image/gif
X-Frame-Options
SAMEORIGIN
Content-Security-Policy
script-src 'none'; object-src 'none'
Cache-Control
no-cache, no-store, must-revalidate
Timing-Allow-Origin
*
Pragma
no-cache
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Permissions-Policy
unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Content-Length
42
X-XSS-Protection
0
Server
cafe
itm.js
dmp.im-apps.net/js/1012284/0001/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/js/1012284/0001/itm.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.6.js?utv=ut4.49.202210270538
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1a00:23::173f:e925 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
de313643df0360a13d94fb9583114305bc3fd804ee4ce9df5d396a3c3d00200d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

x-amz-replication-status
PENDING
cache-control
max-age=12386
content-encoding
gzip
etag
"b2d11c6dc8064f4596be8bc658ca6a09"
x-amz-version-id
5OoGFgxevpBYogArCo._PSYXGzoRitWf
expires
Fri, 25 Apr 2025 13:26:19 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
3039
p3p
CP="NOI PSD OTR"
date
Fri, 25 Apr 2025 09:59:53 GMT
last-modified
Mon, 10 Mar 2025 05:45:56 GMT
content-type
text/javascript
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
bat.js
bat.bing.com/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.8.js?utv=ut4.49.202305240135
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
759043dafa55d63c0788faf5611e14607e598d740d5bc64ecc772d841014d04c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=1800
content-encoding
gzip
etag
"02e6b8458a2db1:0"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 42FC51B80AD44F9A9F914D2BF5DC4FAE Ref B: TYO201151002062 Ref C: 2025-04-25T09:59:53Z
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
14711
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
application/javascript
last-modified
Mon, 31 Mar 2025 16:18:20 GMT
vary
Accept-Encoding
/
b99.yahoo.co.jp/pagead/conversion/1001047227/ 		42 B
742 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b99.yahoo.co.jp/pagead/conversion/1001047227/?random=1745575193777&cv=9&fst=1745575193777&num=1&fmt=3&guid=ON&disvt=false&eid=466465925%2C509562773%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=540&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.refa.net%2F&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&async=1
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
182.22.30.204 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

Age
0
X-Content-Type-Options
nosniff
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Date
Fri, 25 Apr 2025 09:59:53 GMT
Content-Type
image/gif
X-Frame-Options
SAMEORIGIN
Content-Security-Policy
script-src 'none'; object-src 'none'
Cache-Control
no-cache, no-store, must-revalidate
Timing-Allow-Origin
*
Pragma
no-cache
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Permissions-Policy
unload=(), ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
Content-Length
42
X-XSS-Protection
0
Server
cafe
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/774046165/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/774046165/?random=1745575193778&cv=11&fst=1745575193778&bg=ffffff&guid=ON&async=1&gtm=45be54n0v881674415za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-774046165
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
513de3b2a43502ca9a2103999dede09f6c4ea78844521212e00cf17c76506962
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2002
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
774046165
td.doubleclick.net/td/rul/ Frame 8020 		13 B
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/774046165?random=1745575193778&cv=11&fst=1745575193778&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0v881674415za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-774046165
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Apr 2025 09:59:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		330 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10974633921&l=dataLayer&cx=c&gtm=45He54n0v77419047za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WNK3637
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.168 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
cd5da4133beeb2254331abcab61adea1dc0175577f95dda5bf041c2e6582c7e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
expires
Fri, 25 Apr 2025 09:59:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 25 Apr 2025 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1068:0
content-length
115580
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/ 		330 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-10974633921
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.168 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2428ad73e1b689116cf61bca0a6452de66fad7afb54d13883cb1c6830f468f91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1068:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1068:0"}],}
expires
Fri, 25 Apr 2025 09:59:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 25 Apr 2025 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1068:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1068:0
content-length
115589
x-xss-protection
0
server
Google Tag Manager
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
433 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=mtg/refa-net/202504020905&cb=1745575193791
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/mtg/refa-net/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21b5:b200:7:2bfb:7c00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

x-amz-version-id
2XUX04X5QEw0.xFya64khU._sHTRl_Pz
etag
"7bc0ee636b3b83484fc3b9348863bd22"
age
378
x-cache
Hit from cloudfront
x-amz-cf-id
D-1GqCOwcGNZZPCo0Qrc_cKNdyUrjGAAD1F0BUIUf2HY-O_fVj_NXw==
date
Fri, 25 Apr 2025 09:53:39 GMT
content-type
application/javascript
vary
accept-encoding
last-modified
Sat, 11 Mar 2023 06:57:46 GMT
cache-control
max-age=300
via
1.1 4e7052e46faeb95a21d50beb61d85236.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
2
x-amz-cf-pop
NRT57-P7
server
AmazonS3
x-amz-server-side-encryption
AES256
tr
www.facebook.com/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr?id=482992555229961&ev=PageView&cd[content_type]=product&cd[content_ids]=%5B%22%22%5D&eid=93a5c52ce27f4fa19700f16504c93666&cd[application_id]=423936147658676&ud[external_id]=c8d995680e29e059740ee2d8bc54fce39a7d80509f8124de6b803026bf83a245&fbp=fb.1.1745575193000.1135899235&cd[p_id]=24259&cd[is_app_event]=n&dl=https%3A%2F%2Fwww.refa.net%2F
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=24, mss=1232, tbw=5199, tp=13, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
apm.yahoo.co.jp/rt/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apm.yahoo.co.jp/rt/?p=F575CXIWEQ&label=&ref=https%3A%2F%2Fwww.refa.net%2F&rref=&pt=&item=&cat=&price=&quantity=&et_optout=false&r=1745575193.9999506&pvid=0oa7aigyucbm9wmefg7&su=b6c26d55-9252-4708-9124-7350a7aa2515&__lt__cid_valid=true&_impl=ytag
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.239.3.249 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

access-control-expose-headers
X-Z-Burls
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
text/javascript; charset=utf-8
vary
Origin
x-frame-options
SAMEORIGIN
cache-control
no-store, no-cache, max-age=0, must-revalidate, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*, unload=()
access-control-allow-origin
https://www.refa.net
content-length
0
x-xss-protection
1; mode=block
/
www.google.com/pagead/1p-user-list/774046165/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/774046165/?random=1745575193684&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0v881674415za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzKtniS-5t2E4DTnLIEtSpHOfqNv7OtlV43EYfh_NNYjXSyXnQ&random=2114042573&rmt_tld=0&ipr=y
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/774046165/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/774046165/?random=1745575193684&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0v881674415za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzKtniS-5t2E4DTnLIEtSpHOfqNv7OtlV43EYfh_NNYjXSyXnQ&random=2114042573&rmt_tld=1&ipr=y
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.3 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
apm.yahoo.co.jp/rt/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apm.yahoo.co.jp/rt/?p=UHWDCG97KB&label=&ref=https%3A%2F%2Fwww.refa.net%2F&rref=&pt=&item=&cat=&price=&quantity=&et_optout=false&r=1745575194.6612327&pvid=0oa7aigyucbm9wmefg7&su=b6c26d55-9252-4708-9124-7350a7aa2515&__lt__cid_valid=true&_impl=ytag
Requested by
Host: s.yimg.jp
URL: https://s.yimg.jp/images/listing/tool/cv/ytag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.239.3.249 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

access-control-expose-headers
X-Z-Burls
observe-browsing-topics
?1
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
text/javascript; charset=utf-8
vary
Origin
x-frame-options
SAMEORIGIN
cache-control
no-store, no-cache, max-age=0, must-revalidate, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
permissions-policy
ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*, unload=()
access-control-allow-origin
https://www.refa.net
content-length
0
x-xss-protection
1; mode=block
topics
b6.im-apps.net/ 		14 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b6.im-apps.net/topics
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/js/1012284/0001/itm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d706:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
private, no-store
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://www.refa.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
application/json
segment
sync6.im-apps.net/1012284/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync6.im-apps.net/1012284/segment?token=X19pbV9zaWRzMA
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/js/1012284/0001/itm.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1600::173b:fc93 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
8482d94c6e4fc3d751f68899d49ce6e2be70a80c8bb434c9ddc3106c264b7e08

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

Cache-Control
private, max-age=1800
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.refa.net
Content-Length
2515
Date
Fri, 25 Apr 2025 09:59:53 GMT
Content-Type
application/json
Vary
Origin
lemNF6
b.im-apps.net/pv/
Redirect Chain
  • https://b6.im-apps.net/pv/lemNF6?cid=1012284&url=https%3A%2F%2Fwww.refa.net%2F&ref=&title=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%...
  • https://b.im-apps.net/pv/lemNF6?cid=1012284&ehid=eYGyV8FE34fMtZm8&lang=ja-jp&ref&title=ReFa+%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.im-apps.net/pv/lemNF6?cid=1012284&ehid=eYGyV8FE34fMtZm8&lang=ja-jp&ref&title=ReFa+%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88+%7C+%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94%E7%BE%8E%E5%AE%B9%E3%83%BB%E7%BE%8E%E5%AE%B9%E3%83%89%E3%83%AA%E3%83%B3%E3%82%AF%E3%83%BB%E7%82%AD%E9%85%B8%E7%BE%8E%E5%AE%B9%E3%83%BB%E3%82%B9%E3%82%AD%E3%83%B3%E3%82%B1%E3%82%A2%E3%83%BB%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B2%E3%83%B3%E3%83%BB%E3%83%98%E3%83%83%E3%83%89%E3%82%B9%E3%83%91%E3%83%BB%E3%83%89%E3%83%A9%E3%82%A4%E3%83%A4%E3%83%BC&url=https%3A%2F%2Fwww.refa.net%2F
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Server
34.49.1.209 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
209.1.49.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
via
1.1 google
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT

Redirect headers

via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
location
https://b.im-apps.net/pv/lemNF6?cid=1012284&ehid=eYGyV8FE34fMtZm8&lang=ja-jp&ref&title=ReFa+%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88+%7C+%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94%E7%BE%8E%E5%AE%B9%E3%83%BB%E7%BE%8E%E5%AE%B9%E3%83%89%E3%83%AA%E3%83%B3%E3%82%AF%E3%83%BB%E7%82%AD%E9%85%B8%E7%BE%8E%E5%AE%B9%E3%83%BB%E3%82%B9%E3%82%AD%E3%83%B3%E3%82%B1%E3%82%A2%E3%83%BB%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B2%E3%83%B3%E3%83%BB%E3%83%98%E3%83%83%E3%83%89%E3%82%B9%E3%83%91%E3%83%BB%E3%83%89%E3%83%A9%E3%82%A4%E3%83%A4%E3%83%BC&url=https%3A%2F%2Fwww.refa.net%2F
content-length
151
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
text/html
google
px.ladsp.com/match/ Frame 5279
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_cm&google_hm=AaldhsaDx9bIks8AKJjLxRGywMA&logicad_uid=AaldhsaDx9bIks8AKJjLxRGywMA&svid=03
  • https://px.ladsp.com/match/google?logicad_uid=AaldhsaDx9bIks8AKJjLxRGywMA&svid=03&google_gid=CAESEKgiQnEZkwHdp-yKsxUdvgo&google_cver=1
43 B
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ladsp.com/match/google?logicad_uid=AaldhsaDx9bIks8AKJjLxRGywMA&svid=03&google_gid=CAESEKgiQnEZkwHdp-yKsxUdvgo&google_cver=1
Requested by
Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745575193618&svid=73
Protocol
H2
Server
18.182.218.121 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-218-121.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://um.ladsp.com/

Response headers

expires
-1
cache-control
private, no-store, no-cache, must-revalidate
content-length
43
date
Fri, 25 Apr 2025 09:59:53 GMT
pragma
no-cache
content-type
image/gif

Redirect headers

cache-control
no-cache, must-revalidate
location
https://px.ladsp.com/match/google?logicad_uid=AaldhsaDx9bIks8AKJjLxRGywMA&svid=03&google_gid=CAESEKgiQnEZkwHdp-yKsxUdvgo&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
343
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
sd
jp-u.openx.net/w/1.0/ Frame 5279
Redirect Chain
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOszw
  • https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOszw
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOszw
Requested by
Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745575193618&svid=73
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://um.ladsp.com/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
103.106.228.43
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
image/gif
vary
Accept

Redirect headers

location
https://jp-u.openx.net/w/1.0/sd?cc=1&id=537072451&val=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOszw
x-forwarded-for
103.106.228.43
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
text/plain; charset=utf-8
vary
Origin
Pug
simage2.pubmatic.com/AdServer/ Frame 5279 		42 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwMzEmdGw9MTI5NjAw&piggybackCookie=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOszw
Requested by
Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745575193618&svid=73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://um.ladsp.com/

Response headers

cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 25 Apr 2025 09:59:45 GMT
content-type
image/gif; charset=utf-8
server
nginx
bounce
ib.adnxs.com/ Frame 5279
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=276&code=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOszw
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOszw
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOszw
Requested by
Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745575193618&svid=73
Protocol
H2
Server
103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://um.ladsp.com/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
103.106.228.43; 103.106.228.43; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
99d7aeb6-066c-4937-9423-11026ef399dd
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Fri, 25 Apr 2025 09:59:54 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Redirect headers

cache-control
no-store, no-cache, private
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D276%26code%3DAayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOszw
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
103.106.228.43; 103.106.228.43; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
4207df41-77e2-44ee-8d6e-cc26b4356d8d
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Fri, 25 Apr 2025 09:59:54 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
hs
s-cs.send.microad.jp/ Frame 5279 		43 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-cs.send.microad.jp/hs?k=logicad_2&id=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOs3A
Requested by
Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745575193618&svid=73
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
202.233.84.8 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://um.ladsp.com/

Response headers

strict-transport-security
max-age=31536000
timing-allow-origin
*
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
*
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
date
Fri, 25 Apr 2025 09:59:54 GMT
x-xss-protection
1; mode=block
content-type
image/gif
server
nginx
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
/
sync.ad-stir.com/ Frame 5279 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ad-stir.com/?symbol=LOGICAD&uid=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOszw
Requested by
Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745575193618&svid=73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.75.254.126 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-75-254-126.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://um.ladsp.com/

Response headers

cache-control
max-age=300
content-length
43
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
image/gif
actualizar
penta.a.one.impact-ad.jp/psm/1.0/ Frame 5279
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=102&expires=365&user_id=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOszw
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=102&expires=365&user_id=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOszw
  • https://y.one.impact-ad.jp/cs?d=105&uid=cff599c4-5d9b-43c3-acf3-c99555921e44&tg=1&et=30&r=no&bsw_dsp_id=&bsw_dsp_uuid=
  • https://y.one.impact-ad.jp/ul_cb/cs?d=105&uid=cff599c4-5d9b-43c3-acf3-c99555921e44&tg=1&et=30&r=no&bsw_dsp_id=&bsw_dsp_uuid=
  • https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
42 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
Requested by
Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745575193618&svid=73
Protocol
H2
Server
107.178.248.96 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.248.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://um.ladsp.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
image/gif
server
nginx

Redirect headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
location
https://penta.a.one.impact-ad.jp/psm/1.0/actualizar
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 09:59:54 GMT
tap.php
pixel.rubiconproject.com/ Frame 5279 		42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=143202&nid=4016&expires=30&put=AaldhsaDx9bIks8AKJjLxRGywBA
Requested by
Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745575193618&svid=73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://um.ladsp.com/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
d335433bbbe0efeac67146df47932f6f
Pragma
no-cache
content-length
42
Content-Type
image/gif
sync
ssl.socdm.com/rtb/ Frame 5279 		43 B
822 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.socdm.com/rtb/sync?proto=adgen&dspid=12
Requested by
Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745575193618&svid=73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.153.162 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://um.ladsp.com/

Response headers

Cache-Control
private
X-SO-Cluster-ID
0
X-SO-LB-Hostname
m-ng10.dc4p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=adgen&dspid=12","cluster_id":0,"gdpr":false,"ipv4":"103.106.228.43","key":"aAtdGcCo8G4AAFoZhssAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad1087"}
X-SO-Upstream-ID
m-ad1087
X-SO-HostName
m-ad1087.dc4p.scaleout.jp
Connection
keep-alive
X-SO-IP
103.106.228.43
X-SO-Key
aAtdGcCo8G4AAFoZhssAAAAA
Content-Length
43
P3P
CP="See also http://www.scaleout.jp/privacy/"
Date
Fri, 25 Apr 2025 09:59:53 GMT
X-SO-Ads-Time
1
Content-Type
image/gif
Server
nginx
/
cs.adingo.jp/sync/ Frame 5279 		43 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.adingo.jp/sync/?from=logicad&id=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOs4w
Requested by
Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745575193618&svid=73
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.114.11.148 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-114-11-148.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://um.ladsp.com/

Response headers

expires
Wed, 17 Sep 1975 21:32:10 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
date
Fri, 25 Apr 2025 09:59:53 GMT
pragma
no-cache
content-type
image/gif
server
nginx
/
sync.taboola.com/sg/sonet-mediartb-network/1/rtb-h/ Frame 5279 		0
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/sonet-mediartb-network/1/rtb-h/?taboola_hm=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOs6A
Requested by
Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745575193618&svid=73
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.231.48 , Hong Kong, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://um.ladsp.com/

Response headers

x-fastly-to-nlb-rtt
97548
date
Fri, 25 Apr 2025 09:59:54 GMT
server
nginx
access-control-allow-credentials
true
cookiesync
adn.caprofitx.com/v1/ Frame 5279 		35 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adn.caprofitx.com/v1/cookiesync?logicad_uid=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOs6g
Requested by
Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745575193618&svid=73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.197.229.214 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-197-229-214.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://um.ladsp.com/

Response headers

Content-Length
35
Date
Fri, 25 Apr 2025 09:59:53 GMT
Content-Type
image/gif
Server
nginx
Connection
keep-alive
cs
cs.gssprt.jp/yie/ld/ Frame 5279 		43 B
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.gssprt.jp/yie/ld/cs?dspid=logicad&uid=AaldhsaDx9bIks8AKJjLxRGywBw
Requested by
Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745575193618&svid=73
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.137.133.151 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://um.ladsp.com/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Mon, 26 Jul 1997 05:00:00 GMT
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
image/gif
cookie-sync
sync.outbrain.com/ Frame 5279 		0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=logicad&uid=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOs7Q
Requested by
Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745575193618&svid=73
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
172.188.170.32 , United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://um.ladsp.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
0
date
Fri, 25 Apr 2025 09:59:54 GMT
x-traceid
4f29ddd9c86ee1c253f804bf6ebb4aab
sync.ad
sp.gmossp-sp.jp/ads/ Frame 5279 		43 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.gmossp-sp.jp/ads/sync.ad?dsp=logicad&dspuid=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOs7w
Requested by
Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745575193618&svid=73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.98.24 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
24.98.201.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://um.ladsp.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=3600
via
1.1 google
expires
Fri, 25 Apr 2025 10:59:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
image/gif
x-cloud-trace-context
e9e334d4e88efca724b3113ffa777eeb
server
Google Frontend
cs
discoveryplus.popin.cc/popin_discovery/ Frame 5279 		35 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://discoveryplus.popin.cc/popin_discovery/cs?pid=logicad&puid=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOs8Q
Requested by
Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745575193618&svid=73
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.176 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://um.ladsp.com/

Response headers

Cross-Origin-Resource-Policy
cross-origin
Content-Length
35
Date
Fri, 25 Apr 2025 09:59:54 GMT
Content-Type
image/gif
Server
nginx/1.13.5
Connection
keep-alive
sync
ad.as.amanad.adtdp.com/v1/ Frame 5279 		42 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.as.amanad.adtdp.com/v1/sync?dsp_id=29&uid=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOs-Q
Requested by
Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745575193618&svid=73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.52.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-52-72.nrt20.r.cloudfront.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://um.ladsp.com/

Response headers

x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
Xhlpp2fcWOx9JkMa5v3Vllnk9DC0D35nQIsm7OfrVMuonQV5cAYDRA==
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
via
1.1 0351cfe7ed552069eb05c4ac51dbf9cc.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
42
x-xss-protection
0
x-amz-cf-pop
NRT20-P2
sync
partners.tremorhub.com/ Frame 5279 		43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UILD=AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOs-w
Requested by
Host: um.ladsp.com
URL: https://um.ladsp.com/match/iframe?pids=1_3_10_11_13_14_15_16_17_20_25_27_28_30_32_34_42_43&ts=1745575193618&svid=73
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f10:4ce4:4a05:7bab:95fd:f046:ea73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://um.ladsp.com/

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
image/gif
server
nginx
activityi;dc_pre=CN3f-6r28owDFTuD6QUdL0oIMQ;src=10707063;type=220501;cat=2205_0;ord=1;num=5995194294740;npa=0;auiddc=403049984.1745575193;ps=1;pcor=572810697;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=...
10707063.fls.doubleclick.net/ Frame E3FE
Redirect Chain
  • https://10707063.fls.doubleclick.net/activityi;src=10707063;type=220501;cat=2205_0;ord=1;num=5995194294740;npa=0;auiddc=403049984.1745575193;ps=1;pcor=572810697;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua...
  • https://10707063.fls.doubleclick.net/activityi;dc_pre=CN3f-6r28owDFTuD6QUdL0oIMQ;src=10707063;type=220501;cat=2205_0;ord=1;num=5995194294740;npa=0;auiddc=403049984.1745575193;ps=1;pcor=572810697;ua...
779 B
611 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10707063.fls.doubleclick.net/activityi;dc_pre=CN3f-6r28owDFTuD6QUdL0oIMQ;src=10707063;type=220501;cat=2205_0;ord=1;num=5995194294740;npa=0;auiddc=403049984.1745575193;ps=1;pcor=572810697;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za201zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=1;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;~oref=https%3A%2F%2Fwww.refa.net%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10707063&l=dataLayer&cx=c&gtm=45je54n0v889117918za200zb77419047&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.198.6 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f6.1e100.net
Software
cafe /
Resource Hash
60e7475db4e7966bc90efc41f1e7ef73e7312d2d6a92540defd6b0d58f85a316
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
408
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Apr 2025 09:59:54 GMT
expires
Fri, 25 Apr 2025 09:59:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Apr 2025 09:59:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10707063.fls.doubleclick.net/activityi;dc_pre=CN3f-6r28owDFTuD6QUdL0oIMQ;src=10707063;type=220501;cat=2205_0;ord=1;num=5995194294740;npa=0;auiddc=403049984.1745575193;ps=1;pcor=572810697;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za201zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=1;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;~oref=https%3A%2F%2Fwww.refa.net%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=10707063;type=220501;cat=2205_0;ord=1;num=5995194294740;npa=0;auiddc=403049984.1745575193;ps=1;pcor=572810697;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;...
td.doubleclick.net/td/fls/rul/ Frame B0B3 		13 B
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=10707063;type=220501;cat=2205_0;ord=1;num=5995194294740;npa=0;auiddc=403049984.1745575193;ps=1;pcor=572810697;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za201zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=9;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;~oref=https%3A%2F%2Fwww.refa.net%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-10707063&l=dataLayer&cx=c&gtm=45je54n0v889117918za200zb77419047&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Apr 2025 09:59:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activity;register_conversion=1;src=10707063;type=220501;cat=2205_0;ord=1;num=5995194294740;npa=0;auiddc=403049984.1745575193;ps=1;pcor=572810697;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=...
ad.doubleclick.net/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/activity;register_conversion=1;src=10707063;type=220501;cat=2205_0;ord=1;num=5995194294740;npa=0;auiddc=403049984.1745575193;ps=1;pcor=572810697;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za201zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=10;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;~oref=https%3A%2F%2Fwww.refa.net%2F?
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.134 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gtm.js
www.googletagmanager.com/ 		332 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5PVRT2K&l=itm_dl1_1012284
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/js/1012284/0001/itm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.168 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c8087424634757d37e8b3a1749b339ecd68c3220982b86d729acd905c859fe1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
br
report-to
{"group":"ascgcycc:1310:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1310:0"}],}
expires
Fri, 25 Apr 2025 09:59:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 25 Apr 2025 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1310:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcycc:1310:0
content-length
115861
x-xss-protection
0
server
Google Tag Manager
/
www.google.com/pagead/1p-user-list/774046165/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/774046165/?random=1745575193778&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0v881674415za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzyAEntdqh0mpTEG-vK0doJahraRGtH1aRI05Npi3OLnfkTGY5&random=2847999728&rmt_tld=0&ipr=y
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/774046165/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/774046165/?random=1745575193778&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0v881674415za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzyAEntdqh0mpTEG-vK0doJahraRGtH1aRI05Npi3OLnfkTGY5&random=2847999728&rmt_tld=1&ipr=y
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.3 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
187039622.js
bat.bing.com/p/action/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/187039622.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8ecd899b23b5480c354a38a0a3792aa8b267dd59c93a874d71993696b0a9dc57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
private,max-age=60
content-encoding
br
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BCE2923C70AA416483A642D5F7585964 Ref B: TYO201151002062 Ref C: 2025-04-25T09:59:53Z
x-cache
CONFIG_NOCACHE
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10974633921/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10974633921/?random=1745575193947&cv=11&fst=1745575193947&bg=ffffff&guid=ON&async=1&gtm=45be54n0v9102968195za200zb77419047&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10974633921&l=dataLayer&cx=c&gtm=45He54n0v77419047za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
678b9083554946bec086b95c4b8a98be0f44f514a69c01d3048af7a39e13d276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2030
date
Fri, 25 Apr 2025 09:59:53 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
10974633921
td.doubleclick.net/td/rul/ Frame 547C 		13 B
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/10974633921?random=1745575193947&cv=11&fst=1745575193947&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0v9102968195za200zb77419047&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10974633921&l=dataLayer&cx=c&gtm=45He54n0v77419047za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Apr 2025 09:59:53 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/10974633921/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10974633921/?random=1745575193990&cv=11&fst=1745575193990&bg=ffffff&guid=ON&async=1&gtm=45be54n0v9102968195za200zb77419047&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10974633921&l=dataLayer&cx=c&gtm=45He54n0v77419047za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.34 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s72-in-f2.1e100.net
Software
cafe /
Resource Hash
f88bcde81aace5bc260fd0a8ae132131fb2941b1b61195d399a6f40f575d044d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2045
date
Fri, 25 Apr 2025 09:59:54 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
10974633921
td.doubleclick.net/td/rul/ Frame 341E 		13 B
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/rul/10974633921?random=1745575193990&cv=11&fst=1745575193990&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be54n0v9102968195za200zb77419047&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-10974633921&l=dataLayer&cx=c&gtm=45He54n0v77419047za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Apr 2025 09:59:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
187039622
www.clarity.ms/tag/uet/ 		865 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/uet/187039622?insights=1
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/p/action/187039622.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6e36f923bb888442370f418b7d43c0d3845db329824991cbf34ae73df528fc46

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
865
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
application/x-javascript
x-azure-ref
20250425T095954Z-1754b9cc9cb7mv66hC1TYOa5zw0000000e8g0000000215c6
0
bat.bing.com/action/ 		0
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=187039622&Ver=2&mid=d7e66d12-7efb-4275-a731-b239b79511c7&bo=1&sid=092eb77021bc11f0a9695b5970ae787e&vid=092ee43021bc11f0a6360952a31eb52d&vids=1&msclkid=N&pi=918639831&lg=ja-JP&sw=1600&sh=1200&sc=24&tl=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94%E7%BE%8E%E5%AE%B9%E3%83%BB%E7%BE%8E%E5%AE%B9%E3%83%89%E3%83%AA%E3%83%B3%E3%82%AF%E3%83%BB%E7%82%AD%E9%85%B8%E7%BE%8E%E5%AE%B9%E3%83%BB%E3%82%B9%E3%82%AD%E3%83%B3%E3%82%B1%E3%82%A2%E3%83%BB%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B2%E3%83%B3%E3%83%BB%E3%83%98%E3%83%83%E3%83%89%E3%82%B9%E3%83%91%E3%83%BB%E3%83%89%E3%83%A9%E3%82%A4%E3%83%A4%E3%83%BC&kw=ReFa,%E3%83%AA%E3%83%95%E3%82%A1,MTG,%E6%A6%AE%E5%80%89%E5%A5%88%E3%80%85,%E5%B1%B1%E7%94%B0%E8%A3%95%E8%B2%B4,%E7%BE%8E%E9%A1%94%E3%83%AD%E3%83%BC%E3%83%A9%E3%83%BC,%E7%BE%8E%E5%AE%B9%E3%83%AD%E3%83%BC%E3%83%A9%E3%83%BC,%E6%B4%97%E9%A1%94,%E7%BE%8E%E5%AE%B9%E6%B6%B2,%E5%8C%96%E7%B2%A7%E6%B0%B4,%E7%BE%8E%E5%AE%B9%E7%BF%92%E6%85%A3,%E7%BE%8E%E5%AE%B9%E3%83%89%E3%83%AA%E3%83%B3%E3%82%AF,%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B2%E3%83%B3,%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B2%E3%83%B3%E3%83%89%E3%83%AA%E3%83%B3%E3%82%AF,%E9%A0%AD%E7%9A%AE,%E7%82%AD%E9%85%B8,%E7%82%AD%E9%85%B8%E3%83%9F%E3%82%B9%E3%83%88,%E3%83%AA%E3%83%95%E3%83%88%E3%82%A2%E3%83%83%E3%83%97,%E3%81%9F%E3%82%8B%E3%81%BF%E6%94%B9%E5%96%84,%E8%82%8C,%E3%81%8A%E3%81%86%E3%81%A1%E7%BE%8E%E5%AE%B9,%E3%82%AD%E3%83%AC%E3%82%A4,%E7%B6%BA%E9%BA%97,%E7%BE%8E%E3%81%97%E3%81%95,%E3%81%8B%E3%82%8F%E3%81%84%E3%81%84,%E3%83%98%E3%83%83%E3%83%89%E3%82%B9%E3%83%91,%E3%82%B9%E3%82%AD%E3%83%B3%E3%82%B1%E3%82%A2,%E3%83%89%E3%83%A9%E3%82%A4%E3%83%A4%E3%83%BC,%E3%83%98%E3%82%A2%E3%82%A2%E3%82%A4%E3%83%AD%E3%83%B3&p=https%3A%2F%2Fwww.refa.net%2F&r=&lt=524&evt=pageLoad&sv=1&cdb=AQwT&rn=50402
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 343C3EB27FCF4FD8A9CB476A13AE7DD4 Ref B: TYO201151002062 Ref C: 2025-04-25T09:59:54Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Fri, 25 Apr 2025 09:59:53 GMT
0
bat.bing.com/action/ 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=187039622&Ver=2&mid=d7e66d12-7efb-4275-a731-b239b79511c7&bo=2&sid=092eb77021bc11f0a9695b5970ae787e&vid=092ee43021bc11f0a6360952a31eb52d&vids=0&msclkid=N&pagetype=home&en=Y&p=https%3A%2F%2Fwww.refa.net%2F&sw=1600&sh=1200&sc=24&evt=custom&cdb=AQwT&rn=188020
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 4D2B441487D84D0DA8688141E030C992 Ref B: TYO201151002062 Ref C: 2025-04-25T09:59:54Z
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Fri, 25 Apr 2025 09:59:53 GMT
505248416521218
connect.facebook.net/signals/config/ 		32 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/505248416521218?v=2.9.199&r=stable&domain=www.refa.net&hme=53363064397d256bdf8f213dd9a9e18c291fc2ed691e4233e4a9e488f248f817&ex_m=73%2C128%2C113%2C117%2C64%2C5%2C106%2C72%2C18%2C100%2C92%2C53%2C57%2C182%2C203%2C210%2C206%2C207%2C209%2C31%2C107%2C55%2C80%2C208%2C177%2C180%2C204%2C205%2C190%2C139%2C43%2C195%2C192%2C193%2C36%2C152%2C17%2C52%2C199%2C198%2C141%2C20%2C42%2C1%2C45%2C68%2C69%2C70%2C74%2C96%2C19%2C16%2C99%2C95%2C94%2C114%2C54%2C116%2C41%2C115%2C32%2C97%2C28%2C178%2C181%2C149%2C13%2C14%2C15%2C7%2C8%2C27%2C24%2C25%2C60%2C65%2C67%2C78%2C56%2C105%2C108%2C29%2C79%2C11%2C9%2C83%2C50%2C23%2C110%2C109%2C111%2C102%2C12%2C22%2C3%2C40%2C77%2C21%2C161%2C89%2C135%2C49%2C48%2C101%2C76%2C0%2C98%2C59%2C87%2C35%2C30%2C85%2C86%2C91%2C39%2C6%2C93%2C84%2C46%2C34%2C37%2C90%2C4%2C88%2C248%2C175%2C126%2C164%2C157%2C2%2C38%2C66%2C44%2C112%2C47%2C82%2C71%2C118%2C63%2C62%2C33%2C103%2C61%2C58%2C51%2C81%2C75%2C26%2C104%2C10%2C119%2C213%2C212%2C214%2C219%2C220%2C221%2C217%2C201%2C140%2C173%2C200%2C202%2C250%2C176%2C234%2C129%2C167%2C154%2C137%2C247%2C123%2C144%2C130%2C197%2C120%2C159%2C136
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-nrt1.fbcdn.net
Software
/
Resource Hash
a78e964f9ea0b21aef79bb45f7184c52b40af33dcdcb606584b971d413aaa93b
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob: *;script-src data: 'nonce-dWpNN7hF' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' blob: *;script-src data: 'nonce-dWpNN7hF' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=102, mss=1232, tbw=101501, tp=102, tpl=0, uplat=197, ullat=0
pragma
public
x-fb-debug
fqoHee7QmtczVqRW2+Zy+Eg95dNgMzj2O+vaLgc8ptQFMvIsOGgHwfTLO+CWQDoPRwyxGRM1IEDNhUu/Vjy6YQ==
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src 'self' blob: *;script-src 'nonce-dWpNN7hF' 'report-sample' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: 'self' data: https://*.google-analytics.com *.google.com;style-src 'self' data: blob: 'unsafe-inline';connect-src 'self' data: blob: *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* *.cdninstagram.com https://*.google-analytics.com;font-src 'self' data: blob: *;img-src 'self' data: blob: * https://*.google-analytics.com;media-src 'self' data: blob: *;child-src 'self' data: blob: *;frame-src 'self' data: blob: *;manifest-src 'self' data: blob: *;object-src 'self' data: blob: *;worker-src 'self' data: blob: *;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=980253745499760&ev=PageView&dl=https%3A%2F%2Fwww.refa.net%2F&rl=&if=false&ts=1745575194025&sw=1600&sh=1200&v=2.9.199&r=stable&ec=0&o=12318&fbp=fb.1.1745575193756.78443584498391032&ler=empty&cdl=API_unavailable&it=1745575193478&coo=false&exp=k0&rqm=GET
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=27, mss=1232, tbw=8966, tp=22, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=980253745499760&ev=PageView&dl=https%3A%2F%2Fwww.refa.net%2F&rl=&if=false&ts=1745575194025&sw=1600&sh=1200&v=2.9.199&r=stable&ec=0&o=12318&fbp=fb.1.1745575193756.78443584498391032&ler=empty&cdl=API_unavailable&it=1745575193478&coo=false&exp=k0&rqm=FGET
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-nrt1.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-w4AYdmkI' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7497188372417027663&cpp=C3&cv=1022232475&st=1745575194080"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
pwO8rTzzBNfqoBueGdjcQN82HB59i3KHWPdco6hfa/yIG9aFKp0k6+H3vCTo0LWtNmOlYtUEs27RvTU9TiVwbg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7497188372417027663&cpp=C3&cv=1022232475&st=1745575194080", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-w4AYdmkI' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=27, mss=1232, tbw=9192, tp=25, tpl=0, uplat=105, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.google.com/pagead/1p-user-list/10974633921/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10974633921/?random=1745575193990&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0v9102968195za200zb77419047&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzl5rukRaeqsgPcoewy1GlM1IeKbXLAeQd8UZGz7UMN0ngGT2x&random=1868622502&rmt_tld=0&ipr=y
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Apr 2025 09:59:54 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/10974633921/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/10974633921/?random=1745575193990&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0v9102968195za200zb77419047&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&did=dYmQxMT&gdid=dYmQxMT&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyzl5rukRaeqsgPcoewy1GlM1IeKbXLAeQd8UZGz7UMN0ngGT2x&random=1868622502&rmt_tld=1&ipr=y
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.3 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Apr 2025 09:59:54 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.com/pagead/1p-user-list/10974633921/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/10974633921/?random=1745575193947&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0v9102968195za200zb77419047&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyz9NIIvgFxNR_9MnNZy23_ELFhEOs-HySZuo1tGzpl2ymv8d_1&random=3063954863&rmt_tld=0&ipr=y
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Apr 2025 09:59:54 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.ca/pagead/1p-user-list/10974633921/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/pagead/1p-user-list/10974633921/?random=1745575193947&cv=11&fst=1745571600000&bg=ffffff&guid=ON&async=1&gtm=45be54n0v9102968195za200zb77419047&gcd=13l3l3l3l1l1&dma=0&tag_exp=102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103130498~103130500~103200001&ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.refa.net%2F&hn=www.googleadservices.com&frm=0&tiba=ReFa%20%EF%BC%88%E3%83%AA%E3%83%95%E3%82%A1%EF%BC%89%E5%85%AC%E5%BC%8F%E3%83%96%E3%83%A9%E3%83%B3%E3%83%89%E3%82%B5%E3%82%A4%E3%83%88%20%7C%20%E6%A0%AA%E5%BC%8F%E4%BC%9A%E7%A4%BEMTG%EF%BC%9A%E7%BE%8E%E5%AE%B9%E6%A9%9F%E5%99%A8%E3%83%BB%E6%B4%97%E9%A1%94&npa=0&pscdl=noapi&auid=403049984.1745575193&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dpage_view&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDZpuyz9NIIvgFxNR_9MnNZy23_ELFhEOs-HySZuo1tGzpl2ymv8d_1&random=3063954863&rmt_tld=1&ipr=y
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.3 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Apr 2025 09:59:54 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
log.2.js
dmp.im-apps.net/sdk/ 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.im-apps.net/sdk/log.2.js
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1a00:23::173f:e925 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
41a3a830e07e40cdbf135818a398d3b439a1b5e7a6d5b1e3c4112a06b5d63fb6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

x-amz-replication-status
COMPLETED
cache-control
public, max-age=10800
content-encoding
gzip
etag
"4dcde26c5f4ff9f3eb79962a77d10a4a"
x-amz-version-id
qfyT9NNLsCm.Oon0dNwAOJ3UjhRxObwo
expires
Fri, 25 Apr 2025 12:59:54 GMT
accept-ranges
bytes
content-length
22961
p3p
CP="NOI PSD OTR"
date
Fri, 25 Apr 2025 09:59:54 GMT
last-modified
Tue, 19 Sep 2023 16:24:17 GMT
content-type
text/javascript
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
destination
www.googletagmanager.com/gtag/ 		281 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=DC-12693547&l=itm_dl1_1012284&cx=c&gtm=45He54n0v896570462za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PVRT2K&l=itm_dl1_1012284
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.168 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8d223186165f71dab0ce52e43f0f761272ab1d1baa4e44ff46825b3ee69de618
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
br
report-to
{"group":"ascgcysghrgc:42:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Fri, 25 Apr 2025 09:59:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 25 Apr 2025 09:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=ascgcysghrgc:42:0
content-length
101188
x-xss-protection
0
server
Google Tag Manager
fraud
sync6.im-apps.net/v1/ 		28 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync6.im-apps.net/v1/fraud?escv_id=31871
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1600::173b:fc93 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
74a8928649d9a790c33200230bcac1405bc83a4954fab1658994bd9d4a91b2ff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

Cache-Control
private, max-age=1800
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.refa.net
Content-Length
28
Date
Fri, 25 Apr 2025 09:59:54 GMT
Content-Type
application/json
Vary
Origin
mk
bypass.ad-stir.com/ 		1 KB
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bypass.ad-stir.com/mk?p=174145
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PVRT2K&l=itm_dl1_1012284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.64.75.156 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-75-156.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3a1d245e5cf49cc0367bf71c2e2f0c194bbd6510fee371f7cad00d1074673dc6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
no-store
content-length
492
content-encoding
gzip
date
Fri, 25 Apr 2025 09:59:54 GMT
p3p
CP="CAO PSA OUR"
content-type
application/x-javascript; charset=UTF-8
mk
bypass.ad-stir.com/ 		1 KB
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bypass.ad-stir.com/mk?p=174153
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PVRT2K&l=itm_dl1_1012284
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.64.75.156 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-75-156.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
dca8d57514cb1e51087eb9377b358d7cdcdf6ad2e0fa5d084851b5bca177e740

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
no-store
content-length
491
content-encoding
gzip
date
Fri, 25 Apr 2025 09:59:54 GMT
p3p
CP="CAO PSA OUR"
content-type
application/x-javascript; charset=UTF-8
up_loader.1.1.0.js
js.adsrvr.org/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PVRT2K&l=itm_dl1_1012284
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.165.18.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-165-18-96.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3856ad2d466bb48b721dd6ce633740f10d9a8f1175e04303e320692c80e65f00

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

Transfer-Encoding
chunked
Vary
accept-encoding
Content-Encoding
gzip
ETag
W/"c983f10c81b415129d0b1ff58b2f9513"
Age
9233
Connection
keep-alive
Via
1.1 6db9ef0587d963a7afc68c7c316285d4.cloudfront.net (CloudFront)
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
lnUF5jLzp4z5JygkJfdCz4FzbIMxTk5Qp4huz0jyCgu1KBYObrBQpg==
Date
Fri, 25 Apr 2025 07:26:02 GMT
Content-Type
application/javascript
Last-Modified
Fri, 25 Apr 2025 07:23:07 GMT
Server
AmazonS3
X-Amz-Cf-Pop
NRT12-P4
x-amz-server-side-encryption
AES256
/
atb.im-apps.net/a/imsync/1012284/10091495/ 		43 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atb.im-apps.net/a/imsync/1012284/10091495/?token=a73d9558d932212d1bf1cae414fabe5b
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:2dbc:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
via
1.1 google
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
targeting
b6.im-apps.net/1012284/site/ 		43 B
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b6.im-apps.net/1012284/site/targeting
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d706:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
via
1.1 google
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
cart
b6.im-apps.net/1012284/site/ 		43 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b6.im-apps.net/1012284/site/cart
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d706:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
no-cache, no-store, must-revalidate
via
1.1 google
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
image/gif
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
dc_pre=CN3f-6r28owDFTuD6QUdL0oIMQ;src=10707063;type=220501;cat=2205_0;ord=1;num=5995194294740;npa=0;auiddc=*;ps=1;pcor=572810697;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=...
adservice.google.com/ddm/fls/z/ Frame E3FE 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CN3f-6r28owDFTuD6QUdL0oIMQ;src=10707063;type=220501;cat=2205_0;ord=1;num=5995194294740;npa=0;auiddc=*;ps=1;pcor=572810697;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za201zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=1;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;~oref=https%3A%2F%2Fwww.refa.net%2F
Requested by
Host: 10707063.fls.doubleclick.net
URL: https://10707063.fls.doubleclick.net/activityi;dc_pre=CN3f-6r28owDFTuD6QUdL0oIMQ;src=10707063;type=220501;cat=2205_0;ord=1;num=5995194294740;npa=0;auiddc=403049984.1745575193;ps=1;pcor=572810697;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KpA;gtm=45fe54n0v9190208834z877419047za201zb889117918;gcd=13l3l3l3l1l1;dma=0;dc_fmt=1;tag_exp=101509157~102887800~103051953~103077950~103106314~103106316~103116025~103130360~103130362~103200001;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;~oref=https%3A%2F%2Fwww.refa.net%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://10707063.fls.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Apr 2025 09:59:54 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
tracker
b.im-apps.net/ 		0
421 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://b.im-apps.net/tracker
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/log.2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.49.1.209 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
209.1.49.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://www.refa.net/

Response headers

via
1.1 google
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.refa.net
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 25 Apr 2025 09:59:54 GMT
access-control-allow-credentials
true
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=505248416521218&ev=PageView&dl=https%3A%2F%2Fwww.refa.net%2F&rl=&if=false&ts=1745575194237&sw=1600&sh=1200&v=2.9.199&r=stable&ec=0&o=12318&fbp=fb.1.1745575193756.78443584498391032&ler=empty&cdl=API_unavailable&it=1745575193478&coo=false&eid=070cbaf272298ba77525841d4c52c186&tm=1&exp=k2&rqm=GET
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=29, mss=1232, tbw=11864, tp=32, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=505248416521218&ev=PageView&dl=https%3A%2F%2Fwww.refa.net%2F&rl=&if=false&ts=1745575194237&sw=1600&sh=1200&v=2.9.199&r=stable&ec=0&o=12318&fbp=fb.1.1745575193756.78443584498391032&ler=empty&cdl=API_unavailable&it=1745575193478&coo=false&eid=070cbaf272298ba77525841d4c52c186&tm=1&exp=k2&rqm=FGET
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-nrt1.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-bw3OVBEq' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7497188371908930059&cpp=C3&cv=1022232475&st=1745575194293"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
o41qTY1Wlb3R1sLCBn90lLbDuUIoqHJFltwEg9jqYQT94HgyLSH/E5YkhU0IiL8U/zujO8CZRMF9VL4TPBHtug==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7497188371908930059&cpp=C3&cv=1022232475&st=1745575194293", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-bw3OVBEq' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=29, mss=1232, tbw=14728, tp=39, tpl=0, uplat=108, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
www.facebook.com/tr/ 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=980253745499760&ev=PageView&dl=https%3A%2F%2Fwww.refa.net%2F&rl=&if=false&ts=1745575194238&sw=1600&sh=1200&v=2.9.199&r=stable&ec=1&o=12318&fbp=fb.1.1745575193756.78443584498391032&ler=empty&cdl=API_unavailable&it=1745575193478&coo=false&eid=b13d287e74c5e15b6462e1a89f346cf7&tm=1&exp=k2&rqm=GET
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=29, mss=1232, tbw=12056, tp=34, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=980253745499760&ev=PageView&dl=https%3A%2F%2Fwww.refa.net%2F&rl=&if=false&ts=1745575194238&sw=1600&sh=1200&v=2.9.199&r=stable&ec=1&o=12318&fbp=fb.1.1745575193756.78443584498391032&ler=empty&cdl=API_unavailable&it=1745575193478&coo=false&eid=b13d287e74c5e15b6462e1a89f346cf7&tm=1&exp=k2&rqm=FGET
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.31.35 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-nrt1.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-XLqQHOO1' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7497188371383468798&cpp=C3&cv=1022232475&st=1745575194294"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
IOUXRAmJ+gcDm3l+LkzQ+D0AJua270EO3hiZ4K1MbDqwgh/ROtZdKSJOVbh9G6xPeFQ2BnG3vqAohfHsHS+DIA==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7497188371383468798&cpp=C3&cv=1022232475&st=1745575194294", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'nonce-XLqQHOO1' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;child-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net accounts.meta.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;manifest-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;object-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=1, rtx=0, c=29, mss=1232, tbw=12296, tp=37, tpl=0, uplat=106, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
clarity.js
www.clarity.ms/s/0.8.1/ 		70 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.8.1/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/187039622?insights=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::46 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
2e914ba245ff42449ed9ad8103d185ec7f8ddf5896a1b1a1b9c0a5427893c420

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

x-azure-ref
20250425T095954Z-1754b9cc9cb7mv66hC1TYOa5zw0000000e8g0000000215dw
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DD6722E0B7F6F4"
x-fd-int-roxy-purgeid
79034942
x-ms-request-id
97c7b7c8-d01e-007a-76c4-ac339b000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 19 Mar 2025 20:16:05 GMT
sync
x.bidswitch.net/
Redirect Chain
  • https://bypass.ad-stir.com/push_sync
  • https://sp.gmossp-sp.jp/ads/sync.ad?dsp=bypass&uid=02afe5f6-f96a-4f11-9dea-8efbb14b1760
  • https://bypass.ad-stir.com/receive_sync?ssp=gmo&uid=x3mrWQPVyLHSO3hg
  • https://cm.g.doubleclick.net/pixel?google_nid=united_bypass&google_hm=Aq_l9vlqTxGd6o77sUsXYA&google_redir=https%3A%2F%2Fbypass.ad-stir.com%2Freceive_sync%3Fssp%3Dgoogle_hosted_match%26google_gid%3D...
  • https://bypass.ad-stir.com/receive_sync?ssp=google_hosted_match&google_gid=hosted_match
  • https://cm.g.doubleclick.net/pixel?google_nid=united_bypass&uid=02afe5f6-f96a-4f11-9dea-8efbb14b1760&google_ula=439954433&google_cm
  • https://bypass.ad-stir.com/receive_sync?ssp=google&uid=02afe5f6-f96a-4f11-9dea-8efbb14b1760&google_gid=CAESEIhGsDKAn2z7bB12I5QZFds&google_cver=1&google_ula=439954433,0
  • https://adn.caprofitx.com/v1/cookiesync?bypass_uid=02afe5f6-f96a-4f11-9dea-8efbb14b1760
  • https://bypass.ad-stir.com/receive_sync?ssp=profitx&uid=d7867b1e-662b-4e96-9ed7-eade9cba801f
  • https://x.bidswitch.net/sync?dsp_id=204&user_id=02afe5f6-f96a-4f11-9dea-8efbb14b1760&expires=90
43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=204&user_id=02afe5f6-f96a-4f11-9dea-8efbb14b1760&expires=90
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Server
35.213.7.90 Tokyo, Japan, ASN19527 (GOOGLE-2, US),
Reverse DNS
90.7.213.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=204&user_id=02afe5f6-f96a-4f11-9dea-8efbb14b1760&expires=90
content-length
1
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
text/html; charset=utf-8
sd
u.openx.net/w/1.0/ 		43 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=556681178&val=02afe5f6-f96a-4f11-9dea-8efbb14b1760
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
103.106.228.43
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
image/gif
vary
Accept
idsync
tg.socdm.com/aux/ 		43 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tg.socdm.com/aux/idsync?proto=bypass_dsp&ssp_uid=02afe5f6-f96a-4f11-9dea-8efbb14b1760
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.153.162 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

X-SO-LB-Hostname
m-tgng27.dc4p.scaleout.jp
P3P
CP="See also http://www.scaleout.jp/privacy/"
Date
Fri, 25 Apr 2025 09:59:54 GMT
Content-Type
image/gif
Cache-Control
private
X-SO-Cluster-ID
0
X-SO-Upstream-ID
m-ad1087
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=bypass_dsp&ssp_uid=02afe5f6-f96a-4f11-9dea-8efbb14b1760","cluster_id":0,"gdpr":false,"ipv4":"103.106.228.43","key":"aAtdGcCo8G4AAFoZhssAAAAA","privacy_sensitive":false,"uid":"aAtdGcCo8G4AAFoZhssAAAAA","upstream_id":"m-ad1087"}
X-SO-HostName
m-ad1087.dc4p.scaleout.jp
Connection
keep-alive
X-SO-IP
103.106.228.43
X-SO-Key
aAtdGcCo8G4AAFoZhssAAAAA
Content-Length
43
X-SO-Ads-Time
81
X-SO-UID
aAtdGcCo8G4AAFoZhssAAAAA
Server
nginx
crum
dsum.casalemedia.com/
Redirect Chain
  • https://dsum.casalemedia.com/crum?cm_dsp_id=214&external_user_id=02afe5f6-f96a-4f11-9dea-8efbb14b1760
  • https://dsum.casalemedia.com/crum?cm_dsp_id=214&external_user_id=02afe5f6-f96a-4f11-9dea-8efbb14b1760&C=1
43 B
752 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=214&external_user_id=02afe5f6-f96a-4f11-9dea-8efbb14b1760&C=1
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pghkz5U55oUltxucqKoqwZCh9RIObtXBmsMmi4xWPGKu3iKwI3ejiomS2fGhGn6iSXCgqKMU5bHqLQJU6p7QkLMapEbklzfX3rOK%2FrTlSsfLUhBk1zxxzudM0o7qf0tybV03XsIw"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
935cfd844db7d4db-NRT
content-length
43
server
cloudflare

Redirect headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KIQ8TJTm8tL6tYLF%2F8ZV4Wxq%2FlmX51Tc4nWYPtdzq6XPFQmOWUNiHCzM%2FFXJnvGh%2BPNWcvNObqp7W%2FfCU%2FS7xcl9L%2FVFHdXfHTxMi4X9ifGRKMJYxc%2BoUT2wAKQM6alrJuIM8uPu"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Fri, 25 Apr 2025 09:59:54 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
location
/crum?cm_dsp_id=214&external_user_id=02afe5f6-f96a-4f11-9dea-8efbb14b1760&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
935cfd842d85d4db-NRT
content-length
0
server
cloudflare
dc_pre=COW7jqv28owDFVlTwgUdLpYIQg;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v918973...
adservice.google.com/ddm/fls/z/
Redirect Chain
  • https://ad.doubleclick.net/activity;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=403049984.1745575193;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=Kl...
  • https://ad.doubleclick.net/activity;dc_pre=COW7jqv28owDFVlTwgUdLpYIQg;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=403049984.1745575193;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;ua...
  • https://adservice.google.com/ddm/fls/z/dc_pre=COW7jqv28owDFVlTwgUdLpYIQg;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=...
42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=COW7jqv28owDFVlTwgUdLpYIQg;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;dc_random=1745575194341;~oref=https%3A%2F%2Fwww.refa.net%2F
Requested by
Host: www.refa.net
URL: https://www.refa.net/
Protocol
H3
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Apr 2025 09:59:54 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Fri, 25 Apr 2025 09:59:54 GMT
attribution-reporting-register-trigger
{"aggregatable_deduplication_keys":[{"deduplication_key":"15277482865409528216"}],"aggregatable_trigger_data":[{"filters":[{"14":["13494218"]}],"key_piece":"0xd038c02c8d440002","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xc210aa75d43b1be5","not_filters":{"14":["13494218"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356},"aggregation_coordinator_origin":"https://publickeyservice.msmt.gcp.privacysandboxservices.com","debug_key":"13464356245906221936","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"15277482865409528216","filters":[{"14":["13494218"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"15277482865409528216","filters":[{"14":["13494218"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"15277482865409528216","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"15277482865409528216","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12693547"]}}
content-type
image/png
cache-control
no-cache, must-revalidate
timing-allow-origin
*
location
https://adservice.google.com/ddm/fls/z/dc_pre=COW7jqv28owDFVlTwgUdLpYIQg;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=3;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;dc_random=1745575194341;~oref=https%3A%2F%2Fwww.refa.net%2F
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
0
x-xss-protection
0
server
cafe
activityi;dc_pre=CIW_mqv28owDFYpbDwIdlVIAkw;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=403049984.1745575193;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=...
12693547.fls.doubleclick.net/ Frame 6AC8
Redirect Chain
  • https://12693547.fls.doubleclick.net/activityi;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=403049984.1745575193;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;f...
  • https://12693547.fls.doubleclick.net/activityi;dc_pre=CIW_mqv28owDFYpbDwIdlVIAkw;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=403049984.1745575193;uaa=;uab=;uafvl=;uamb=0;u...
782 B
610 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12693547.fls.doubleclick.net/activityi;dc_pre=CIW_mqv28owDFYpbDwIdlVIAkw;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=403049984.1745575193;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;dc_random=1745575194341;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12693547&l=itm_dl1_1012284&cx=c&gtm=45He54n0v896570462za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f6.1e100.net
Software
cafe /
Resource Hash
0a00a223e4faf550435ccdfa481718e30daaef18041b28ae547a9e8891701b19
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
407
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Apr 2025 09:59:54 GMT
expires
Fri, 25 Apr 2025 09:59:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Apr 2025 09:59:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12693547.fls.doubleclick.net/activityi;dc_pre=CIW_mqv28owDFYpbDwIdlVIAkw;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=403049984.1745575193;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;dc_random=1745575194341;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activityi;fledge=1;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=403049984.1745575193;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v91...
td.doubleclick.net/td/fls/rul/ Frame EC25 		13 B
38 B 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/fls/rul/activityi;fledge=1;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=403049984.1745575193;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=9;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;dc_random=1745575194341;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=DC-12693547&l=itm_dl1_1012284&cx=c&gtm=45He54n0v896570462za200&tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.161.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f2.1e100.net
Software
cafe /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.refa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Apr 2025 09:59:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
b.clarity.ms/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.8.1/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.153.129.168 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.refa.net/

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://www.refa.net
Date
Fri, 25 Apr 2025 09:59:55 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
dc_pre=CIW_mqv28owDFYpbDwIdlVIAkw;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v918973...
adservice.google.com/ddm/fls/z/ Frame 6AC8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CIW_mqv28owDFYpbDwIdlVIAkw;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=*;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;dc_random=1745575194341;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F
Requested by
Host: 12693547.fls.doubleclick.net
URL: https://12693547.fls.doubleclick.net/activityi;dc_pre=CIW_mqv28owDFYpbDwIdlVIAkw;src=12693547;type=invmedia;cat=1009100;ord=1216645275794;npa=0;auiddc=403049984.1745575193;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;_tu=KlA;gtm=45fe54n0v9189738244z8896570462za201zb896570462;gcd=13l3l3l3l1l1;dma=0;dc_fmt=2;tag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;ptag_exp=102887800~103051953~103077950~103106314~103106316~103116026~103130360~103130362~103200004;epver=2;dc_random=1745575194341;_dc_test=1;~oref=https%3A%2F%2Fwww.refa.net%2F?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://12693547.fls.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 25 Apr 2025 09:59:54 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
beacon.html
js.fout.jp/ Frame 59E3 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.fout.jp/beacon.html?from=dmp
Requested by
Host: js.fout.jp
URL: https://js.fout.jp/segmentation.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.42.117.131 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-42-117-131.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2724d11992815bd94e9c2045ae99df34478108c76aef64051f32492301e5c646

Request headers

Referer
https://www.refa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=1280
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3008
Content-Type
text/html
Date
Fri, 25 Apr 2025 09:59:54 GMT
ETag
"67b3f45f-2431"
Expires
Fri, 25 Apr 2025 10:21:14 GMT
Last-Modified
Tue, 18 Feb 2025 02:45:51 GMT
P3P
CP="ADM NOI OUR"
Server
nginx
Vary
Accept-Encoding
sync
x.bidswitch.net/ Frame CB9B 		43 B
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-2ykxHrgVjEP9FZn_OB4zA7r6KvqbbGceKYxCFA&expires=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.213.7.90 Tokyo, Japan, ASN19527 (GOOGLE-2, US),
Reverse DNS
90.7.213.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame CB9B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-W9xp1bgVjEP9FZn_OB4zA7r6KvpJLVZ8zoDhKg&google_cm&google_hm=ay1XOXhwMWJnVmpFUDlGWm5fT0I0ekE3cjZLdnBKTFZaO...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-W9xp1bgVjEP9FZn_OB4zA7r6KvpJLVZ8zoDhKg&google_gid=CAESEFvYD-K4X2xQUt4xzGyhqfc&google_cver=1&google_ula=913071,0
43 B
715 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-W9xp1bgVjEP9FZn_OB4zA7r6KvpJLVZ8zoDhKg&google_gid=CAESEFvYD-K4X2xQUt4xzGyhqfc&google_cver=1&google_ula=913071,0
Protocol
H2
Server
182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1478314
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
image/gif
server
Kestrel

Redirect headers

cache-control
no-cache, must-revalidate
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-W9xp1bgVjEP9FZn_OB4zA7r6KvpJLVZ8zoDhKg&google_gid=CAESEFvYD-K4X2xQUt4xzGyhqfc&google_cver=1&google_ula=913071,0
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
398
date
Fri, 25 Apr 2025 09:59:54 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame CB9B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4406566417585652607
43 B
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4406566417585652607
Protocol
H2
Server
182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1209699
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
image/gif
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4406566417585652607
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
103.106.228.43; 103.106.228.43; 1047.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
33d826f5-1e9c-41cf-bff8-bb5a1ba6c17c
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Fri, 25 Apr 2025 09:59:54 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
idsync
tg.socdm.com/aux/ Frame CB9B 		43 B
929 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-BKZ-JbgVjEP9FZn_OB4zA7r6Kvr4L2cGvi5Dtw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.153.162 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

X-SO-LB-Hostname
m-tgng27.dc4p.scaleout.jp
P3P
CP="See also http://www.scaleout.jp/privacy/"
Date
Fri, 25 Apr 2025 09:59:55 GMT
Content-Type
image/gif
Cache-Control
private
X-SO-Cluster-ID
0
X-SO-Upstream-ID
m-ad1087
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-BKZ-JbgVjEP9FZn_OB4zA7r6Kvr4L2cGvi5Dtw","cluster_id":0,"gdpr":false,"ipv4":"103.106.228.43","key":"aAtdGcCo8G4AAFoZhssAAAAA","privacy_sensitive":false,"uid":"aAtdGcCo8G4AAFoZhssAAAAA","upstream_id":"m-ad1087"}
X-SO-HostName
m-ad1087.dc4p.scaleout.jp
Connection
keep-alive
X-SO-IP
103.106.228.43
X-SO-Key
aAtdGcCo8G4AAFoZhssAAAAA
Content-Length
43
X-SO-Ads-Time
217
X-SO-UID
aAtdGcCo8G4AAFoZhssAAAAA
Server
nginx
sync
ad.as.amanad.adtdp.com/v1/ Frame CB9B 		42 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.as.amanad.adtdp.com/v1/sync?dsp_id=4,5&uid=k-Oj4fhLgVjEP9FZn_OB4zA7r6KvoEPEcdsGBg5A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.52.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-52-116.nrt20.r.cloudfront.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache
Miss from cloudfront
x-amz-cf-id
-d0gKzmJtAqgWQx-esyRZtHNx31XXxNVzh-7IrZw63aw7v91lTLk-g==
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Architecture, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
via
1.1 f874b4fe7d91ecfa31e296942e898d14.cloudfront.net (CloudFront)
access-control-allow-origin
*
content-length
42
x-xss-protection
0
x-amz-cf-pop
NRT20-P2
rum
r.casalemedia.com/ Frame CB9B 		43 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-PT_XQbgVjEP9FZn_OB4zA7r6KvpPbToae4eFXA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WVnHR7g8PvIm8ztEucRF%2FwtZGBhxPdOpQt5mGQxbRzJtaIS4clrc39hhL5gdC7fOpalTNzJ1y%2FTP4A9EWT57UcziPIEYFayai4fBzQC%2F0ohQ76iYAJvVv8qtVuqwuLTPtPpW"}],"group":"cf-nel","max_age":604800}
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
image/gif
vary
Accept-Encoding
priority
u=3,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
cf-ray
935cfd87baa2d4db-NRT
content-length
43
server
cloudflare
362338.gif
idsync.rlcdn.com/ Frame CB9B 		42 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362338.gif?partner_uid=k-7rrYNbgVjEP9FZn_OB4zA7r6KvoPaBmuBhGfHg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.154.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.154.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store
timing-allow-origin
*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
42
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
image/gif
cksync.php
contextual.media.net/ Frame CB9B 		86 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-fhhUZLgVjEP9FZn_OB4zA7r6Kvrm0OI3O24GGg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.222.96.30 Auckland, New Zealand, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-222-96-30.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c8b624ad07331f0d6c28a75c54582cf826c19b8c7ef32eb5a0bb948fc2c7f374
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=0, no-cache, no-store
timing-allow-origin
*
pragma
no-cache
expires
Fri, 25 Apr 2025 09:59:54 GMT
x-mnet-hl2
E
alt-svc
h3=":443"; ma=93600
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-length
86
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
image/gif
server
Apache
c.gif
c.bing.com/ Frame CB9B 		42 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-23U8rbgVjEP9FZn_OB4zA7r6Kvrinz4RTd5DiQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:33:1::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"9def19a40b5db1:0"
x-msedge-ref
Ref A: 9391C8CD59304B44B3CCA881C4AAB4A3 Ref B: TYO201151002062 Ref C: 2025-04-25T09:59:54Z
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
42
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
image/gif
last-modified
Thu, 24 Apr 2025 17:40:58 GMT
x-powered-by
ASP.NET
g.pixel
aa.agkn.com/adscores/ Frame CB9B
Redirect Chain
  • https://gum.criteo.com/sync?c=9&r=1&a=1&u=https%3A%2F%2Faa.agkn.com%2Fadscores%2Fg.pixel%3Fsid%3D9212273938%26ct%3D%40USERID%40
  • https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=xpRUuF90RFpJZ3N3c01LaFJ5VnpRVUVldndhV2NSSTdyYkU4ZlBvcCUyQjdmRU5DUFUlM0Q
43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=xpRUuF90RFpJZ3N3c01LaFJ5VnpRVUVldndhV2NSSTdyYkU4ZlBvcCUyQjdmRU5DUFUlM0Q
Protocol
H2
Server
52.195.109.1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-195-109-1.ap-northeast-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-methods
GET, OPTIONS
expires
0
access-control-allow-origin
*
content-length
43
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
date
Fri, 25 Apr 2025 09:59:55 GMT
content-type
image/gif
server
AAWebServer
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
location
https://aa.agkn.com/adscores/g.pixel?sid=9212273938&ct=xpRUuF90RFpJZ3N3c01LaFJ5VnpRVUVldndhV2NSSTdyYkU4ZlBvcCUyQjdmRU5DUFUlM0Q
content-length
0
date
Fri, 25 Apr 2025 09:59:54 GMT
server
Kestrel
server-processing-duration-in-ticks
1031210
cookie-sync
sync.outbrain.com/ Frame CB9B 		0
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-_foHMrgVjEP9FZn_OB4zA7r6Kvq4cSamLkr6vg&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
172.188.170.32 , United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
0
date
Fri, 25 Apr 2025 09:59:54 GMT
x-traceid
15e59480bc3af80207ca73b4688eef7c
Pug
simage2.pubmatic.com/AdServer/ Frame CB9B 		42 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-v3qfV7gVjEP9FZn_OB4zA7r6Kvo8Op2gtmiHGQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
image/gif; charset=utf-8
server
nginx
tap.php
pixel.rubiconproject.com/ Frame CB9B 		42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-fikoI7gVjEP9FZn_OB4zA7r6KvovGoD0FI8bFQ&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Pragma
no-cache
content-length
42
Content-Type
image/gif
/
rtb-csync.smartadserver.com/redir/ Frame CB9B 		43 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-rDDDfrgVjEP9FZn_OB4zA7r6KvpPSgj2SvGobA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.170 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date
Fri, 25 Apr 2025 09:59:54 GMT
pragma
no-cache
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame CB9B 		0
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-R7rRnbgVjEP9FZn_OB4zA7r6Kvo1iF7e5ETmhg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.231.48 , Hong Kong, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

x-fastly-to-nlb-rtt
97779
date
Fri, 25 Apr 2025 09:59:55 GMT
server
nginx
access-control-allow-credentials
true
um
criteo-sync.teads.tv/ Frame CB9B 		23 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-Fq0PXbgVjEP9FZn_OB4zA7r6KvomYcRoOPNLpQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.117.105 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-48-117-105.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.1 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

expires
Fri, 25 Apr 2025 09:59:54 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
pragma
no-cache
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
image/gif
server
pekko-http/1.0.1
sync.htm
ade.clmbtech.com/uid/ Frame CB9B 		68 B
259 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-pPPiR7gVjEP9FZn_OB4zA7r6Kvp-okkS1iKzNg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:1c00:38::1732:76b3 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
Bhoot /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
x-content-type-options
nosniff
content-length
68
x-xss-protection
1; mode=block
date
Fri, 25 Apr 2025 09:59:55 GMT
content-type
image/jpeg
server
Bhoot
x-upstream
172.29.17.244:80
x-frame-options
sameorigin
xuid
eb2.3lift.com/ Frame CB9B
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-jSFqkbgVjEP9FZn_OB4zA7r6KvoFIw98P9QqPw&dongle=013b
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-jSFqkbgVjEP9FZn_OB4zA7r6KvoFIw98P9QqPw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
37 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-jSFqkbgVjEP9FZn_OB4zA7r6KvoFIw98P9QqPw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Fri, 25 Apr 2025 09:59:55 GMT
content-type
image/gif

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
/xuid?ld=1&mid=2711&xuid=k-jSFqkbgVjEP9FZn_OB4zA7r6KvoFIw98P9QqPw&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Fri, 25 Apr 2025 09:59:55 GMT
k-vonrLrgVjEP9FZn_OB4zA7r6KvrhrAkYmpCxlQ
sync.1rx.io/usersync/criteodsp/ Frame CB9B 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync/criteodsp/k-vonrLrgVjEP9FZn_OB4zA7r6KvrhrAkYmpCxlQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.118.186.107 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

expires
0
cache-control
no-store, no-cache, must-revalidate
date
Fri, 25 Apr 2025 09:59:55 GMT
pragma
no-cache
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=65227120F6164B31981FDCBB5163320D&RedC=c.clarity.ms&MXFR=284FDB3AA0F2650714E4CEE3A4F26B76
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=65227120F6164B31981FDCBB5163320D&MUID=0099F659EEB66C7D11B9E380EFEE6D93
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=65227120F6164B31981FDCBB5163320D&MUID=0099F659EEB66C7D11B9E380EFEE6D93
Protocol
H2
Server
52.231.230.148 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"9def19a40b5db1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Fri, 25 Apr 2025 09:59:54 GMT
content-type
image/gif
last-modified
Thu, 24 Apr 2025 17:40:58 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=65227120F6164B31981FDCBB5163320D&MUID=0099F659EEB66C7D11B9E380EFEE6D93
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B867DCCCEC50445C90983169E80085E5 Ref B: TYO201151002062 Ref C: 2025-04-25T09:59:55Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Fri, 25 Apr 2025 09:59:54 GMT
x-powered-by
ASP.NET
/
match.adsrvr.org/track/upb/ Frame FBBF
Redirect Chain
  • https://insight.adsrvr.org/track/up?adv=jugy6jk&ref=https%3A%2F%2Fwww.refa.net%2F&upid=tlpkzes&upv=1.1.0&paapi=1
  • https://match.adsrvr.org/track/upb/?adv=jugy6jk&ref=https%3A%2F%2Fwww.refa.net%2F&upid=tlpkzes&upv=1.1.0&paapi=1
938 B
971 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/upb/?adv=jugy6jk&ref=https%3A%2F%2Fwww.refa.net%2F&upid=tlpkzes&upv=1.1.0&paapi=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
d426f437d3ab510868eb4014152895f3133d75a536f89b8480a11116b4a237a7

Request headers

Referer
https://www.refa.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-type
text/html
date
Fri, 25 Apr 2025 09:59:54 GMT
server
Kestrel
vary
Accept-Encoding

Redirect headers

content-length
40
date
Fri, 25 Apr 2025 09:59:54 GMT
location
https://match.adsrvr.org/track/upb/?adv=jugy6jk&ref=https%3A%2F%2Fwww.refa.net%2F&upid=tlpkzes&upv=1.1.0&paapi=1
server
Kestrel
sd
jp-u.openx.net/w/1.0/ Frame 59E3 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072523&val=vIzEbqQeK32HH_-k925Am8ISy7M
Requested by
Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://js.fout.jp/

Response headers

cache-control
private, max-age=0, no-cache
pragma
no-cache
x-forwarded-for
103.106.228.43
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
image/gif
vary
Accept
sync
sync.fout.jp/ Frame 59E3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_cm&google_sc&from_google=pc2
  • https://sync.fout.jp/sync?xid=googleadex&g_match=&from_google=pc2&google_gid=CAESECHIBkcuUSNPszzojA4b-6M&google_cver=1
43 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.fout.jp/sync?xid=googleadex&g_match=&from_google=pc2&google_gid=CAESECHIBkcuUSNPszzojA4b-6M&google_cver=1
Requested by
Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp
Protocol
HTTP/1.1
Server
202.232.238.37 Nishikichō, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://js.fout.jp/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15768000
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
P3P
CP="ADM NOI OUR"
Date
Fri, 25 Apr 2025 09:59:55 GMT
Content-Type
image/gif
Server
nginx

Redirect headers

cache-control
no-cache, must-revalidate
location
https://sync.fout.jp/sync?xid=googleadex&g_match=&from_google=pc2&google_gid=CAESECHIBkcuUSNPszzojA4b-6M&google_cver=1
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
331
date
Fri, 25 Apr 2025 09:59:54 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
report
sync.fout.jp/ Frame 59E3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&from_google=pc3&google_hm=dkl6RWJxUWVLMzJISF8tazkyNUFtOElTeTdN
  • https://sync.fout.jp/report?xid=googleadex&from_google=pc3
43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.fout.jp/report?xid=googleadex&from_google=pc3
Requested by
Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp
Protocol
HTTP/1.1
Server
202.232.238.37 Nishikichō, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://js.fout.jp/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
Date
Fri, 25 Apr 2025 09:59:55 GMT
Content-Type
image/gif
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive

Redirect headers

cache-control
no-cache, must-revalidate
location
https://sync.fout.jp/report?xid=googleadex&from_google=pc3
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
259
date
Fri, 25 Apr 2025 09:59:54 GMT
x-xss-protection
0
content-type
text/html; charset=UTF-8
server
HTTP server (unknown)
setuid
secure.adnxs.com/ Frame 59E3 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=125&code=vIzEbqQeK32HH_-k925Am8ISy7M
Requested by
Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.89.4 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://js.fout.jp/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
103.106.228.43; 103.106.228.43; 839.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
8d6fb76d-2d61-4c22-91c3-d8f31053474a
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Fri, 25 Apr 2025 09:59:54 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4
tap.php
pixel.rubiconproject.com/ Frame 59E3 		42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=59910&nid=3504&put=vIzEbqQeK32HH_-k925Am8ISy7M
Requested by
Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://js.fout.jp/

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
cc2b9026541f49c9c095b4cedfcedb9a
Pragma
no-cache
content-length
42
Content-Type
image/gif
sync
sync.fout.jp/ Frame 59E3
Redirect Chain
  • https://ssp-sync.i-mobile.co.jp/sync.ashx?dspid=5
  • https://sync.fout.jp/sync?xid=imobile&uid=e0187db0-a9ba-4b52-b0ec-79f897093b8d&sync_status=1
43 B
527 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.fout.jp/sync?xid=imobile&uid=e0187db0-a9ba-4b52-b0ec-79f897093b8d&sync_status=1
Requested by
Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp
Protocol
HTTP/1.1
Server
202.232.238.37 Nishikichō, Japan, ASN2497 (IIJ Internet Initiative Japan Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://js.fout.jp/

Response headers

Transfer-Encoding
chunked
Strict-Transport-Security
max-age=15768000
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Content-Encoding
gzip
Pragma
no-cache
Connection
keep-alive
P3P
CP="ADM NOI OUR"
Date
Fri, 25 Apr 2025 09:59:55 GMT
Content-Type
image/gif
Server
nginx

Redirect headers

Cache-Control
private
Location
https://sync.fout.jp/sync?xid=imobile&uid=e0187db0-a9ba-4b52-b0ec-79f897093b8d&sync_status=1
Connection
keep-alive
P3P
CP = "NOI DEV PSA PSD IVA PVD OTP OUR OTR IND OTC"
Content-Length
0
Date
Fri, 25 Apr 2025 09:59:54 GMT
X-Powered-By
ASP.NET
Server
Microsoft-IIS/10.0
Pug
simage2.pubmatic.com/AdServer/ Frame 59E3 		42 B
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwOTcmdGw9NDMyMDA=&piggybackCookie=vIzEbqQeK32HH_-k925Am8ISy7M
Requested by
Host: js.fout.jp
URL: https://js.fout.jp/beacon.html?from=dmp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.34.80 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://js.fout.jp/

Response headers

cache-control
no-store, no-cache, private
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 25 Apr 2025 09:59:53 GMT
content-type
image/gif; charset=utf-8
server
nginx
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame FBBF 		422 B
934 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by
Host: match.adsrvr.org
URL: https://match.adsrvr.org/track/upb/?adv=jugy6jk&ref=https%3A%2F%2Fwww.refa.net%2F&upid=tlpkzes&upv=1.1.0&paapi=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.165.18.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-165-18-96.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2538590b87a5eb44bb27a7a5039451a5606d80c587cb361de40ed4193c9a552f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://match.adsrvr.org/

Response headers

ETag
"4e7de5ca0248ffa6216174e643f3112d"
Age
9233
Connection
keep-alive
Via
1.1 9c2ec4e75119be694d07de3296eddb1c.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
422
X-Amz-Cf-Id
Jnhg0GvbjyRtC8gUL0O8EhZ6-Sz3U48X71bzrb64xJR2He7au83Gvg==
Date
Fri, 25 Apr 2025 07:26:02 GMT
Content-Type
application/javascript
Last-Modified
Fri, 25 Apr 2025 07:23:07 GMT
Server
AmazonS3
X-Amz-Cf-Pop
NRT12-P4
x-amz-server-side-encryption
AES256
google
match.adsrvr.org/track/cmf/ Frame 57B0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=ZGVjMDU4NjctOTM2ZS00ODJmLWIwODAtYjlmYTk1MTRiNTE4&gdpr=0&gdpr_consent=&ttd_tdid=dec05867-936e-482f-b080-b9fa9...
  • https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=dec05867-936e-482f-b080-b9fa9514b518&google_gid=CAESEGEbNM6b4spWynigcOOkHn8&google_cver=1
70 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=dec05867-936e-482f-b080-b9fa9514b518&google_gid=CAESEGEbNM6b4spWynigcOOkHn8&google_cver=1
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

content-length
70
content-type
image/gif
date
Fri, 25 Apr 2025 09:59:54 GMT
server
Kestrel

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
386
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 25 Apr 2025 09:59:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=dec05867-936e-482f-b080-b9fa9514b518&google_gid=CAESEGEbNM6b4spWynigcOOkHn8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
rubicon
match.adsrvr.org/track/cmf/ Frame 478D
Redirect Chain
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=dec05867-936e-482f-b080-b9fa9514b518&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
  • https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
70 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

content-length
70
content-type
image/gif
date
Fri, 25 Apr 2025 09:59:54 GMT
server
Kestrel

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 7F64 		43 B
799 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=dec05867-936e-482f-b080-b9fa9514b518&expiration=1748167194&gdpr=0&gdpr_consent=
Requested by
Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://match.adsrvr.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
935cfd885ce8e394-NRT
content-length
43
content-type
image/gif
date
Fri, 25 Apr 2025 09:59:54 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bqXefUv%2FQvQnlAiPDQA7PSd6R7V9cYXHhvBBf5GNUoRkUtLZjoUayx%2BjAAqUEvyFI3H63XIMAPYVtskB4BrO1iEdXl7LM3Hub9phvEgG1PtAHah7k4IHoW7G3pSMkf2hyT5OVkG1Sjgbpw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfExtPri
vary
Accept-Encoding
setuid
ib.adnxs.com/ Frame CB9B 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-qnQn5LgVjEP9FZn_OB4zA7r6KvpLIoci5-jOvw
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.17 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1047.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
103.106.228.43; 103.106.228.43; 1047.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; *.adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
53e4e094-2bf2-42a1-b7ef-ecd215b1c305
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Fri, 25 Apr 2025 09:59:55 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4
favicon.ico
www.refa.net/ 		32 KB
33 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.refa.net/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.98.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-179-98-218.ap-northeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
749833df9eeeac4b6e5b7eac5f5eb02318917e242440bb3b06536e09acc84a71
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Referer
https://www.refa.net/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' https://*.my.soasc.net;
etag
"80dc-59df9822da400"
x-content-type-options
nosniff
accept-ranges
bytes
content-length
32988
date
Fri, 25 Apr 2025 09:59:55 GMT
x-xss-protection
1; mode=block
content-type
image/vnd.microsoft.icon
last-modified
Fri, 07 Feb 2020 10:04:00 GMT
server
Apache
collect
b.clarity.ms/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.8.1/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.153.129.168 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.refa.net/

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://www.refa.net
Date
Fri, 25 Apr 2025 09:59:55 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
collect
b.clarity.ms/ 		0
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.8.1/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.153.129.168 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.refa.net/

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://www.refa.net
Date
Fri, 25 Apr 2025 10:00:01 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| html5 object| Modernizr function| yepnope function| $ function| jQuery object| refa object| jQuery111306142542208009638 function| SliderPro function| SliderProSlide object| SliderProUtils function| uiModalYoutube function| uiComment object| dataLayer object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga object| criteo_q object| _fout_queue string| smnAdvertiserId object| google_tag_params object| microad_blade_jp string| yahoo_retargeting_id object| yahoo_retargeting_items object| ebis function| fbq function| _fbq function| twq object| _ltq function| _lt object| Smn object| utag_data object| yjDataLayer object| ytagapi function| ytag object| FOut object| cto_csm_CspLogger object| regeneratorRuntime object| twttr object| gaplugins object| gaGlobal object| gaData object| _ltc function| GooglemKTybQhCsO number| google_conversion_snippets number| google_conversion_first_time object| yahoo_retargeting_sent_urls_counter string| yahoo_retargeting_pv_id function| gtag object| GooglebQhCsO object| utag function| onYouTubeIframeAPIReady function| google_trackConversion object| uetq string| gtagRename object| cspDomains object| itm_dl1_1012284 object| _itm_ function| UET function| UET_init function| UET_push object| ueto_616dfda800 function| IMLOGv2 object| _paq object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log function| clarity object| clarityuetq function| ttd_dom_ready function| TTDUniversalPixelApi function| _TTDUniversalPixelApi object| ttdPixel object| _uidSdkListenerLock function| setUidVariables function| setupUidSdk

113 Cookies

Domain/Path Name / Value
www.refa.net/ Name: ReFaCN
Value: repeat
.refa.net/ Name: _gcl_au
Value: 1.1.403049984.1745575193
.refa.net/ Name: _yjsu_yjad
Value: 1745575193.b6c26d55-9252-4708-9124-7350a7aa2515
.criteo.com/ Name: uid
Value: 47ca5c18-0170-4b7f-9f9a-781d97ba7899
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.refa.net/ Name: _gid
Value: GA1.2.1059188510.1745575193
.refa.net/ Name: _gat_UA-66487979-1
Value: 1
.www.refa.net/ Name: __lt__cid
Value: f239ac41-3785-4a0e-b2c2-4ce573983906
.www.refa.net/ Name: __lt__sid
Value: 0abdf5f4-46e5589c
.line.me/ Name: _ldbrbid
Value: tr__k1y/XGgLXRmxuy5dkyz0Ag==
.ladsp.com/ Name: cr
Value: 1
.refa.net/ Name: utag_main
Value: v_id:01966c63ac10001eb4d5631990b605065001505d00b08$_sn:1$_se:1$_ss:1$_st:1745576993616$ses_id:1745575193616%3Bexp-session$_pn:1%3Bexp-session
.ladsp.com/ Name: smn_uid
Value: L_O8G-hUgfgyogzs3bGDayiYy8URssA
.ladsp.com/ Name: receive-cookie-deprecation
Value: 1
.refa.net/ Name: _ga_3QN5BHV6QK
Value: GS1.1.1745575193.1.0.1745575193.60.0.0
.refa.net/ Name: _ga
Value: GA1.1.1394870140.1745575193
.t.co/ Name: muc_ads
Value: f67c82d6-ad77-40f2-aea7-a251a218e145
.t.co/ Name: __cf_bm
Value: w034AQQU6eWxS45HlZziQLmlCLq3xxzZz9FXHaZ3ZCo-1745575193-1.0.1.1-4ZItcI58Lo92N2SOh0SuVkUa1wOOhy3QwNXtGu4nIgRINwXJ0RVVPqozN188ENBaRt__F9CnosvSg5_LTRe69vYGnKoHdeMsUhY_UreQM90
.twitter.com/ Name: personalization_id
Value: "v1_Mqhouc0TSLH+pVAgdBK1qw=="
.twitter.com/ Name: __cf_bm
Value: mWIcU_hTzT61MXSAJv4HETv.FQrx_xcyjTkcWHhNFNk-1745575193-1.0.1.1-r4Hj5Buy6Tt_PcH8lOb54TehbI2gaR.b7UUCBc__27IGt_jOtn77Doglf2G5BDEAuKXiSGkvnPPhaPmxIURa6F_DTATUz14IK.WcOdk.SJc
.yahoo.co.jp/ Name: XA
Value: eeo5se5k0mn8p&sd=A&t=1745575193&u=1745575193&v=1
.yahoo.co.jp/ Name: XB
Value: 08fb27f0-21bc-11f0-a57c-5382a4152789&v=6&u=1745575193&s=hd
.refa.net/ Name: cto_bundle
Value: 6uPfH19NRHZwMDZZOU5UdnVBZ1dpbzBxZTdLa1R1d0dqMjNwSXVyMTdHVWMlMkZHYUJSaW0lMkZYZ1d0WWRxTnhEVkFoTFZGMml0bWo5cHZKVGQ2QlZSZnUlMkJJRG9mUXZaMWhRQkFlajJwWUlpRTNmcGZrQ3FNQ21IR0xsaXN3RGxsR0NpTFpvWktBajhyQjhBZWFGYlpKVTlZVW9vVVElM0QlM0Q
.refa.net/ Name: _fbp
Value: fb.1.1745575193756.78443584498391032
.doubleclick.net/ Name: IDE
Value: AHWqTUlSZSjjaISjVtW5ifHYTEgEVwzzflgUar96Zni5Wq5PoZE9vyb7C8HIueHc
.fout.jp/ Name: uid
Value: vIzEbqQeK32HH_-k925Am8ISy7M
.fout.jp/ Name: receive-cookie-deprecation
Value: 1
.im-apps.net/ Name: receive-cookie-deprecation
Value: 1
.ladsp.com/ Name: tpc
Value: 1745575194&mTxrsbcXjcbp0Lne4Pwl2g&
.ladsp.com/ Name: lum
Value: CM_ZjuPmMhIFCAEQqAESBQgZEMABEgQIDRB4EgIIDhICCCoSBQgDEPABEgIICxICCA8SAggQEgIIERICCBQSAggbEgIIHBICCB4SAgggEgIIIhICCCsSBQgKEJAN
.im-apps.net/ Name: imid_created_secure
Value: 1745575193
.adingo.jp/ Name: logicad
Value: AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOs4w
.pubmatic.com/ Name: KRTBCOOKIE_629
Value: 11487-AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOszw
.im-apps.net/ Name: imid_secure
Value: JlJJF6PQRM2ezzJ6yKKNUQ
.ad-stir.com/ Name: uid
Value: 02afe5f6-f96a-4f11-9dea-8efbb14b1760
.ad-stir.com/ Name: d20
Value: AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOszw
.openx.net/ Name: i
Value: 2bebe527-a4c0-431d-856e-6fd9c24160c8|1745575193
.gssprt.jp/ Name: gid
Value: 292b1bc2a0af2c37ff1d52c4f3ccf176
.gssprt.jp/ Name: logicad
Value: AaldhsaDx9bIks8AKJjLxRGywBw
.adn.caprofitx.com/ Name: pfxid
Value: d7867b1e-662b-4e96-9ed7-eade9cba801f
.adn.caprofitx.com/ Name: pfxids_logicad
Value: eyJpZCI6IkFheVlMRWxmR0JUUmtzOEFLSmpMeFJHeXdNOEFBQUdXYkdPczZnIiwidXBkYXRlZEF0IjoiMjAyNS0wNC0yNVQwOTo1OTo1My45NTlaIn0
.sp.gmossp-sp.jp/ Name: deviceIdentifier
Value: x3mrWQPVyLHSO3hg
.gmossp-sp.jp/ Name: dsp_logicad
Value: AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOs7w
.socdm.com/ Name: SOC
Value: aAtdGcCo8G4AAFoZhssAAAAA
.popin.cc/ Name: piuid
Value: ab36d01359bf4553bf07ec8084282399
.popin.cc/ Name: p_logicad
Value: AayYLElfGBTRks8AKJjLxRGywM8AAAGWbGOs8Q
.refa.net/ Name: _uetsid
Value: 092eb77021bc11f0a9695b5970ae787e
.refa.net/ Name: _uetvid
Value: 092ee43021bc11f0a6360952a31eb52d
.adtdp.com/ Name: uid
Value: b29bfeb1-a57c-4fdb-98e3-092393061661
.adtdp.com/ Name: pr
Value: aja
.bat.bing.com/ Name: MR
Value: 0
.bing.com/ Name: MUID
Value: 0099F659EEB66C7D11B9E380EFEE6D93
.bidswitch.net/ Name: tuuid
Value: cff599c4-5d9b-43c3-acf3-c99555921e44
.bidswitch.net/ Name: c
Value: 1745575194
.bidswitch.net/ Name: tuuid_lu
Value: 1745575194
.rubiconproject.com/ Name: khaos
Value: M9WMEFWO-D-HU7U
.rubiconproject.com/ Name: khaos_p
Value: M9WMEFWO-D-HU7U
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
www.refa.net/ Name: _im_id.1012284
Value: 79bb86f3287ba0e8.1745575194.
.adnxs.com/ Name: XANDR_PANID
Value: 1Ypi1epY7nAP6-RV8YdJk_G3tgpWQgyP-eX9GEvkX_HID90-I80iSeSsc8Ix77QDPsTwt7QgC7X9UEcBLZ1sIgrKupJzTQ1orHdg8fz1-Js.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 4406566417585652607
www.refa.net/ Name: _im_ses.1012284
Value: 1
www.clarity.ms/ Name: CLID
Value: da6e9d87332340c7becc8ad17c049c1b.20250425.20260425
.ad-stir.com/ Name: bpmkv
Value: 1
.refa.net/ Name: _clck
Value: 1nggra8%7C2%7Cfvd%7C0%7C1941
.gmossp-sp.jp/ Name: dsp_bypass
Value: 02afe5f6-f96a-4f11-9dea-8efbb14b1760
.casalemedia.com/ Name: CMID
Value: aAtdGhdaRDgAHAtmBxzu8AAA
.casalemedia.com/ Name: CMPS
Value: 5365
.casalemedia.com/ Name: CMPRO
Value: 5365
.taboola.com/ Name: t_gid
Value: 47b5d8b6-1f17-4373-88ae-91f9f04217c0-tuctf04e29a
.taboola.com/ Name: t_pt_gid
Value: 47b5d8b6-1f17-4373-88ae-91f9f04217c0-tuctf04e29a
.impact-ad.jp/ Name: tuuid
Value: 9f9bd795-78a4-4521-8801-74198855892a
.impact-ad.jp/ Name: c
Value: 1745575194
.impact-ad.jp/ Name: tuuid_lu
Value: 1745575194
y.one.impact-ad.jp/ Name: cmt
Value: !105=cff599c4-5d9b-43c3-acf3-c99555921e44=1=517409994=514817994
.doubleclick.net/ Name: ar_debug
Value: 1
.adn.caprofitx.com/ Name: pfxids_bypass
Value: eyJpZCI6IjAyYWZlNWY2LWY5NmEtNGYxMS05ZGVhLThlZmJiMTRiMTc2MCIsInVwZGF0ZWRBdCI6IjIwMjUtMDQtMjVUMDk6NTk6NTQuNDU4WiJ9
.ad-stir.com/ Name: bpuids
Value: "8,20011,11,14"
.ad-stir.com/ Name: bpsfin
Value: 1
.send.microad.jp/ Name: TR
Value: 087f4213172250966797c992a88c0f74b904e309ec46f35e
.impact-ad.jp/ Name: psm
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-v3qfV7gVjEP9FZn_OB4zA7r6Kvo8Op2gtmiHGQ&KRTB&23037-uid:k-v3qfV7gVjEP9FZn_OB4zA7r6Kvo8Op2gtmiHGQ&KRTB&23144-uid:k-v3qfV7gVjEP9FZn_OB4zA7r6Kvo8Op2gtmiHGQ&KRTB&23286-uid:k-v3qfV7gVjEP9FZn_OB4zA7r6Kvo8Op2gtmiHGQ
.pubmatic.com/ Name: PugT
Value: 1745575193
.fout.jp/ Name: lastW_mapping
Value: 1745575194
.pubmatic.com/ Name: KRTBCOOKIE_669
Value: 13218-vIzEbqQeK32HH_-k925Am8ISy7M&KRTB&23652-vIzEbqQeK32HH_-k925Am8ISy7M
.c.bing.com/ Name: MR
Value: 0
.adsrvr.org/ Name: TDID
Value: dec05867-936e-482f-b080-b9fa9514b518
.teads.tv/ Name: tt_viewer
Value: 89e7bb36-5af2-4031-a9c2-1f45afda245e
.i-mobile.co.jp/ Name: xid
Value: e0187db0-a9ba-4b52-b0ec-79f897093b8d
.rlcdn.com/ Name: rlas3
Value: YfMOYgPz3A2wFNDxlPbTO5f3nlZGKqFYCr9fHNmVqQk=
.rlcdn.com/ Name: pxrc
Value: CAA=
.media.net/ Name: visitor-id
Value: 3885767942652594000V10
.media.net/ Name: data-c-ts
Value: 1745575194
.media.net/ Name: data-c
Value: k-fhhUZLgVjEP9FZn_OB4zA7r6Kvrm0OI3O24GGg~~3
.criteo.com/ Name: cto_bundle
Value: 0RauxV82aWNlRFZjS2ZQcGNNM0xTN2NmMnQ3bnlFdCUyRkhLdTFZRW9tNFFJUFlrSUdXQ2tsSVlDcXlEVTFXJTJGT3V3VWQ0YUNxVVhKVzRpVzlSWUJPd1Zlb3l0V0twdW53TmY0cnpNMElRU3YlMkZveDYlMkZLNnFrVk9nV3puTVJ3OFZPMnU0bWY1UjlJWmRCVFVndjVkcVB2M3lERldWZyUzRCUzRA
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsI0vrm4776gT4QBRIWCgdydWJpY29uEgsIyOj54r76gT4QBRIVCgZjYXNhbGUSCwiSi_rivvqBPhAFGAUgAigDMgsIlKj8j9X6gT4QBUIPIg0IARIJCgV0aWVyMxABWgdqdWd5NmprYAE.
.agkn.com/ Name: ab
Value: 0001%3AcGwtgQroWu9F50lbfw9otpaaxpoI8ieC
.rubiconproject.com/ Name: audit_p
Value: 1|craf9vdFNTROLuzBoE/Sxg7shD3y4nqpwUkj2/poFuty77CvivIld+aTzoCCmXJxQzzcNpLDSaeM1KxoLazIt4iV7Zy4iowP6F2snLdp6IaNf/PPUr64tfk/LODV/VhdOC7FTxYIyn2nHgIGaK7KkgoAPeI47KsRV0LgQHR6bVwSlSS6P21+Q9zpQ7vzkXQ/
.rubiconproject.com/ Name: audit
Value: 1|craf9vdFNTROLuzBoE/Sxg7shD3y4nqpwUkj2/poFuty77CvivIld+aTzoCCmXJxQzzcNpLDSaeM1KxoLazIt4iV7Zy4iowP6F2snLdp6IaNf/PPUr64tfk/LODV/VhdOC7FTxYIyn2nHgIGaK7KkgoAPeI47KsRV0LgQHR6bVwSlSS6P21+Q9zpQ7vzkXQ/
.refa.net/ Name: _clsk
Value: buge37%7C1745575195082%7C1%7C1%7Cb.clarity.ms%2Fcollect
.adnxs.com/ Name: anj
Value: dTM7k!M41$F7/.XF']wIg2GVLgL4yX!A#Fy.TSz(Dl1iX!PO9gDZ+CwGNPB4?g3e1_'axcA0h[RSJ*UP^H(fLYS19Ob:7l$aaT>TGGi]D3RfedE7VW]Fp9RJotxs<vT<r]aL_3M:LQQh713(1VQZF?UTO>CoxSk4qAXo^TrgkopV4iWCrtOdCnY4Es4=:s
.c.bing.com/ Name: SRM_B
Value: 0099F659EEB66C7D11B9E380EFEE6D93
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0099F659EEB66C7D11B9E380EFEE6D93
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.smartadserver.com/ Name: pid
Value: 5480570543212623629
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 79:k-rDDDfrgVjEP9FZn_OB4zA7r6KvpPSgj2SvGobA
.3lift.com/ Name: tluidp
Value: 2054122059174620068559
.3lift.com/ Name: tluid
Value: 2054122059174620068559

3 Console Messages

Source Level URL
Text
network error URL: https://www.refa.net/css/font/ProximaNova-Regular.otf
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://cd.ladsp.com/script/pixel.js(Line 1)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://www.googleadservices.com/pagead/conversion.js(Line 27)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://*.my.soasc.net;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10707063.fls.doubleclick.net
12693547.fls.doubleclick.net
aa.agkn.com
ad.as.amanad.adtdp.com
ad.doubleclick.net
ade.clmbtech.com
adn.caprofitx.com
adservice.google.com
am.yahoo.co.jp
analytics.twitter.com
apm.yahoo.co.jp
atb.im-apps.net
b.clarity.ms
b.im-apps.net
b6.im-apps.net
b92.yahoo.co.jp
b97.yahoo.co.jp
b99.yahoo.co.jp
bat.bing.com
bypass.ad-stir.com
c.bing.com
c.clarity.ms
cd.ladsp.com
cm.g.doubleclick.net
cnt.fout.jp
connect.facebook.net
contextual.media.net
criteo-sync.teads.tv
cs.adingo.jp
cs.gssprt.jp
d-cache.microad.jp
d.line-scdn.net
dis.criteo.com
discoveryplus.popin.cc
dmp.im-apps.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
jp-u.openx.net
js.adsrvr.org
js.fout.jp
match.adsrvr.org
mug.criteo.com
partners.tremorhub.com
penta.a.one.impact-ad.jp
pixel.rubiconproject.com
px.ladsp.com
r.casalemedia.com
refa.net
rtb-csync.smartadserver.com
s-cs.send.microad.jp
s.yimg.jp
s.yjtag.jp
secure.adnxs.com
simage2.pubmatic.com
sp.gmossp-sp.jp
ssl.socdm.com
sslwidget.criteo.com
ssp-sync.i-mobile.co.jp
static.ads-twitter.com
static.criteo.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync.1rx.io
sync.ad-stir.com
sync.fout.jp
sync.outbrain.com
sync.taboola.com
sync6.im-apps.net
t.co
tags.tiqcdn.com
taj1.ebis.ne.jp
td.doubleclick.net
tg.socdm.com
tr.line.me
u.openx.net
um.ladsp.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.refa.net
x.bidswitch.net
y.one.impact-ad.jp
103.43.89.4
103.43.91.17
104.18.26.193
107.178.248.96
119.63.198.176
124.146.153.162
13.114.11.148
138.113.138.164
141.226.231.48
142.250.196.100
142.250.198.6
142.250.207.34
142.251.222.3
142.251.222.34
142.251.42.134
142.251.42.168
147.92.191.92
157.240.31.35
157.240.31.5
162.159.140.229
172.188.170.32
172.217.161.66
172.217.25.163
172.217.26.226
172.217.26.230
172.66.0.227
18.172.30.90
18.172.52.116
18.172.52.72
18.179.98.218
18.182.218.121
182.161.74.11
182.161.74.16
182.22.24.252
182.22.30.204
183.79.48.249
199.232.148.157
2001:4860:4802:34::178
202.232.238.37
202.232.238.39
202.233.84.8
202.239.3.249
203.137.133.151
207.65.34.80
216.239.34.178
23.106.127.170
23.192.193.157
23.222.96.30
23.42.117.131
23.48.117.105
2404:6800:4004:80c::2002
2404:6800:4004:825::2008
2404:6800:4004:825::200a
2404:6800:4008:c05::9c
2406:2600:4::2e
2406:2600:4::b
2600:140b:1600::173b:fc93
2600:140b:1a00:23::173f:e925
2600:140b:1c00:38::1732:76b3
2600:1901:0:2dbc::
2600:1901:0:d706::
2600:1f10:4ce4:4a05:7bab:95fd:f046:ea73
2600:9000:21b5:b200:7:2bfb:7c00:93a1
2600:9000:2828:2800:1e:513c:d3c0:93a1
2620:1ec:33:1::10
2620:1ec:bdf::46
3.114.66.39
3.164.121.106
3.165.18.96
34.49.1.209
34.98.64.218
35.201.98.24
35.213.17.49
35.213.7.90
35.244.154.8
35.244.159.8
35.71.178.8
35.75.254.126
4.153.129.168
52.195.109.1
52.197.229.214
52.223.40.198
52.231.230.148
54.168.99.99
54.64.75.156
69.173.158.64
74.118.186.107
0096d793dbff0842ac166ca51051e699d149e88ded75cef3b6de664f9b7721ad
01148624e9caa337843d91978293481f0c48c8d635e98aee2939b095a54ad2c7
0513bdc4727d279aec2e447d48a89d02cd1c53f8c26fc5079c781bb78022ecba
0a00a223e4faf550435ccdfa481718e30daaef18041b28ae547a9e8891701b19
0a03387c46336ef65b37a33cac758afaddd1429bc3ea9c014cb135bb3b9aece8
0b98a19365222891ff6bdd5d467a71e5bd25b0cba2ea3733392c6f52bcb44ebf
0ba48dccf406bd820e3d57ae7f8ef8d9cb1297b831a842eed939312473b77fe9
0e0af92009f1fe0ff4d7e2a5a3629e7c4609ba49e27b8a9778137e48f9790fc5
0e3bcdd405be5082639213a43e713e0d6e8b801c37f6c0be7291f324b0853407
0e4f4ca9a9984bb66c83a3960717bf3a159ccd187c50f0454c1edc13e2f32c92
0fe30326ace35e058a501d3a301a7930c82fd9fce3231478452f14fa2237403d
0fe79403b0da509e1489e4ee29a83825f876a00dfbd4a2a84374160008509566
112512dba86709f5330c91fbfce0b75fbbce56cdb5f25e7ccce6d5ba6b150519
1258bb21295d9c45518ff56df6fe0f297de6ba01307ac57b7d4062a89c826df5
12c6bd9c71c5c5973eee8b4847f96ba481838ebad0b6dba860c05386d535e841
13a3725a7a9cbb6cd31e31aaf38ded77543b8d3f80ecf0649fec2439def693e5
1506dbfcc6176e64a8d70331eac38af23119fe821581b490cbacb3b50042c133
16fd28d7d50667ff6bbbe9fdca15d32116ec0c51e4e2fe9fbfddd5b50e0168a7
17be2466d262d98456527705c60616767ad6171734bf7a26933ce708afcf886f
18ac154fb54f049212fa32a410b2cc3ea2c54b468833815759646aadb531133e
1a2ad774c88495859f82aeeda6be27ff5d949f89e8607a0c23f452d1454d791f
1a2ce6cc85dfc81d5f8d383ff7ab1366eba6cc47cd90f1b13035474267d9e4aa
1b45a8c68b845d10350545325cd3c14fd09a777a7510b4026d070cfaf0ac2329
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ede3b0161b1ba4f2e43774edde9c75ab2eb1335ca4b32a1b12be4efbddbcc25
1f7152bc9870d2705720dfb9a005bb9b85872aa2871841e2290d8d6f3d103a3e
23648a805757fe951690f36a2703fc44bed7446f27ab14002b755414eee79eb8
23b168d37d67d881829975f86b7c730f893a51cf337b0700cee1283c8c1d62d7
2428ad73e1b689116cf61bca0a6452de66fad7afb54d13883cb1c6830f468f91
2538590b87a5eb44bb27a7a5039451a5606d80c587cb361de40ed4193c9a552f
257f0e7d169fff1f3b74c7854791f36fd809cb06a5f499bbb5194619c0ab611a
2724d11992815bd94e9c2045ae99df34478108c76aef64051f32492301e5c646
28011ea8e672ce692536247bea4fce0eda0eda3edb71daa474974b0d7a3c64d9
28b2daaba34cf81a2cfcc1387f8b643970b99217d4bf38d81998f1881728d250
28fbbe396672899343f5a40b8d32c33d863bb7d266cd3cca08291790677e9f52
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b1569f169809d69310a339774c908c2ee095d2d90ce5f1464d922ef02ac474e
2caf72ed04f9de90d7ecb5fa23f95de7a1f977b19dfbb4bbe6e92765fe581b3e
2d1fa6b88df0daf228a506d6570e26fe40d3b48a60f024f27b5c407301049e9d
2e914ba245ff42449ed9ad8103d185ec7f8ddf5896a1b1a1b9c0a5427893c420
2e9f5a116eae6e176b7ede6a13854738425da3b6876fcc0cd0f1e0737c5686e9
2eac8bc3313ae675a3b18335252da61f6ab893696ead6272baf7d19e90b51bc6
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3481c87254b9418fe5d1c0a6c33108a23109e41f0867c6118711e5cfa4345144
381b85b13b7e5349854d173bd4f107dcbcef218e36df352c417b8745be97500e
3856ad2d466bb48b721dd6ce633740f10d9a8f1175e04303e320692c80e65f00
3a1d245e5cf49cc0367bf71c2e2f0c194bbd6510fee371f7cad00d1074673dc6
3cb1d3b6a02a855c49562ee15c08f18cd35d00c2edc0f4931d84abcdd76b78d8
40f10ff64da9f0c2ef03317b611eee8fa8f181f7494cc4d0770fa476a8dd952d
415a145bd4c7403ac624e017365aab54cc22d70431d4c81d2f31d2bc89023d16
41a3a830e07e40cdbf135818a398d3b439a1b5e7a6d5b1e3c4112a06b5d63fb6
436ab6fd82a4947f0f0fe61f080cf60dd51c66bc2c201befaccaaaec19fdd2a7
4394af2b7c2bc94714d93cb6632d654b9feb0919f169b01669ddbc70412a0e6f
44070a7cb5d5c616e215b0cc03ba5fe0c8185716f7efb4c6b7f7e6e3cfd93aae
440c00dc7b522ef7e41675fe03f07e21882d878294ffe6811bde503fdcb9afc4
44e8cb44cdd9eb6a4d4e3818aa820f39413552076ed701340672bbc9d2cd1c0b
45e8db73421fb994f6a669e030bd592088deef4c704e151b72481556619aa5df
47a1c22451364f6ae69bcc5fc506001e077c923b7b60e02d8715078457d45e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4be1b568e89c78457cc77e33a6177663089dd80cc47341f73a789fdd43d05e98
4c3b799ae3bb8f31107585d13a9445920d4d27d8f4fe080ad1a5c750e28f0122
4cde44f4a6001baefb125113c0dc2c1ab127d26cd44b78d9b8cdd1d5955e3c6e
4d9bc12d794ed221ae1cbebbbeba7b267305c6dc94704412e6cfea0e156a5237
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f598cbac807f873d0d48a932391c8fe2ba795ac9a4102eabe6e0183cc12dbc4
4f9ae5d90f601466f0b2f62dbd41c201fe39b9586adb23f01387dd0a80c4069b
4fefb176157c6a3a8d8183ad9596a617f5d67c7d6f2b2840dbe0f6b533f4d43e
50a15fd8948b9cbbc75c65539420377625d99c59e77ecbfa6ead40d20a50f561
50c917f3539f19ccf47be4cba7a89195fe163b6e75be2004bd6bbad3c5c29c48
513de3b2a43502ca9a2103999dede09f6c4ea78844521212e00cf17c76506962
521ffb719d3a151ff80f1d59ffa16a6fbf3c128828cbd66c717ae0c3f73758b9
524ee1e948aa16b1ffb35f80197d77a28d4a4709cdf17a24fc9c64353ba05766
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55f536d57e399a63e080c49d01c4f40735659098956fda72af1f8b592cc3688e
57139058a78a65e8099ea3d55f1b7fea110264e6841dfe13292dc18d0b905cdf
589dc9e3526bc771a26cd4f2f0e33785d14e061b9ecce3535065d9cd5c43e0af
59eb9a72a36b3ecad4a44d11d0b90d16397f07290d748d99025efd26cfe43599
5a9fc9a8f2f9175d67b30b0c5e2fd4bf0e1a89c3e7c26574c2d9be8d0728494b
5fe36ac41d735e262ed03dfa258ad1c09ae6e73420f494e7c98380f3cdd133d3
60e7475db4e7966bc90efc41f1e7ef73e7312d2d6a92540defd6b0d58f85a316
6135fe16d7578e65be79a3e5d6ba252095648c1b871808f69b1482f6ff7f6839
6524d22393008fd154605775a1e22054c13b21967f6082f58de70d4cd8a97c77
665b7fa7318542e8161416bb89e4ff95b319f8fd758f7d6dff19e7154d9eb51c
67741fe2bd4e9b44e67da55f3fa7f2e039a908c89c3894fa0870e13c6a313e8f
678b9083554946bec086b95c4b8a98be0f44f514a69c01d3048af7a39e13d276
6a842ea462daca2a0b5a0f5f25bcfc8e0059ac811ca6c6a1bc54e4d9119621c3
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e36f923bb888442370f418b7d43c0d3845db329824991cbf34ae73df528fc46
749833df9eeeac4b6e5b7eac5f5eb02318917e242440bb3b06536e09acc84a71
74a8928649d9a790c33200230bcac1405bc83a4954fab1658994bd9d4a91b2ff
7537cf619819feb34e2ac57dbca05ff1584047440ce0c8fcfdc5bcd719536177
759043dafa55d63c0788faf5611e14607e598d740d5bc64ecc772d841014d04c
76f7ed1e950345347015644836dd7a02a7fbe5f31c6034c60b75f2d980bf965c
7bef66040637d065b8289d806d1460f78ec8a0fb462125cd554ce3f8ba333846
7e502c6085eb961bec751d36ee86be53ae7b90e0e716d0acefc1c4525abf4388
80517b8960156057b554b4d7e31939a44657ebef90c5ae7575810e85617d525c
80e13b96531319ca8b59d9debf3b7831000f277eeee39f51052986965d90d7d7
845b9a0b4351439241ee717d7d4c8aa54299fb5ef5abb23a4daae3f622469afe
8482d94c6e4fc3d751f68899d49ce6e2be70a80c8bb434c9ddc3106c264b7e08
8559dc3c81a4baadc15eefeea7401d0169b34d66b33b72ad074f40d651b1c759
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d223186165f71dab0ce52e43f0f761272ab1d1baa4e44ff46825b3ee69de618
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ebc6bfe7959d723e5a43241bd42371be02a7a7c0d922213b76e30d11f590a40
8ecd899b23b5480c354a38a0a3792aa8b267dd59c93a874d71993696b0a9dc57
95a6465b4150259acc5301f8bb35c3d4b453db3eb366ee8d8571c7f52fb2f9b9
96dccaa929e6a14f0f439d8597777a97b22720516942d36fc625ae11e85c3ada
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98efbc407dca2fcdee11a9225437041a5ab0314864fa91833707c16e0b164d84
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a2be8e33b2d1ff981f8e2410479d1ab2f5aa23370a3ba91283ca273c3db63ba
9c7413f69684c3785ee0c59fde2a95c90ad749a0b71ed32d96e972be34bab627
9e1e55ca62eee0910dde7263a83c8689ab503fa39e55d469f087bd4da73aaa96
9e3a9103c80346b1b39bea3de46f44a462b3f594fa45e7206252bc41d7e3e855
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a78e964f9ea0b21aef79bb45f7184c52b40af33dcdcb606584b971d413aaa93b
a91a0b9abba1fd929121fee0db6a068a3b733df621f6a337f5a7cfaadeb39cb4
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab32d76d64ab36478d657f01c5e77e6526c8a6099c364aa0ecd7124621d41fdf
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac89958fd75e99eba92cdb3f927cce205bd05c2c6ffe643c4bf52ca6558d61b3
ad595d2bcb4a29c72749ff607de9852c23e4f80ef11b6dca780a21d5e8f65cea
ae5e551805001afa84d27b1400bb18071c12d9829345febb9357d54fb544265e
af379f303873ed7dde6be5cc2d826b8dcf7686d33474ce0acbe7d8fc310e3bfe
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b730ea5162b85026d63b361b95025dc8766e58db7dcae31a8cc4ce1025bfae3a
b898272be45dff5dd67049c0178cac022a9d831a0c8f64b84fa9b26bcf5afd1a
ba485578d0039123c373e049537654a4463ec6539a5e150d1f33f447f9713dd9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be2bce89bb5f2723be6c2a7815ac1723ad50487538967bd9e3bf760333e3bcad
bf9122f9db31ccdb893d0d475b22f5ae3686373ed845ec3aeb498231516f58e0
c1f35a05b78d4d581914533d507f1abd3bf7351f7ff41f5f0d388d54e1bf5fb6
c38aa8e3a4697d31196a6ccdaa5959b8ded88268dec8b7b4556443d4b31f51e4
c7a98e7678733e7dd4eaa008a9b4c818c91e7a60f0f5cd1c8393eb558f329b46
c8087424634757d37e8b3a1749b339ecd68c3220982b86d729acd905c859fe1a
c8b624ad07331f0d6c28a75c54582cf826c19b8c7ef32eb5a0bb948fc2c7f374
c8ccbeb009c06056c4feb3e7789e7ec84cd42760012c996b4b8c8aa139926850
c8f2557c758747b429fcebe664c3a0a0d1f6708f25ae204b163b8aa741167e37
c9826309b452d120fd6d1cfc0cf457b923024f39d7098265a4c5e1e27d6a96e7
c9b1c1cb32cf5171a2c1a753d8ca75532c8db4c987bc25b876283837c805eae2
ca85d4a417a32bf646e74f6ddfd068a95dfafb72ade0b4200ce718f963f318dc
cd5da4133beeb2254331abcab61adea1dc0175577f95dda5bf041c2e6582c7e7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2d19470c6e6582fa8077412c42c7ae1b80aa298b80b97fb4eb4ec8b46ff7c75
d2e494cce0cb67fe795c1b218d34a107a0ccb73a8cbd1f592ce15e77f806e348
d36b373b44b77f016e4b7df913ba2da2a8025456f016bc794861f210c0e3ada3
d426f437d3ab510868eb4014152895f3133d75a536f89b8480a11116b4a237a7
daf575d309cd103f22b4870a8bf90e7ec0cf5f03ea8f55658da64442ca64fd87
db7749bf28c50f07a15842bfe0d9a95fc6865c9d716ea99e27f581a5fe56f208
dca8d57514cb1e51087eb9377b358d7cdcdf6ad2e0fa5d084851b5bca177e740
dcd2068d1d0e40a42043d396e3d60b1437f144965f57a1365dba3901a5c7d81d
de313643df0360a13d94fb9583114305bc3fd804ee4ce9df5d396a3c3d00200d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de4f47c8c2395815559148bdb19dec5d4eb84e130e4639e00d915a82eb4680b4
e05338752c34f37afa6b777747eaa7f318fab14a51a8b6876543550db6512745
e1a52c0a06fa9f65e015b02e7ec463fd621211a9d2ae44b6660597900e927fbb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e501ea721e42ca4bc5f63e1696915101538f3db733bad0493b82e5a2d06c7f14
e54dfffb54fe2288c3c8aabf1533f94cf08b08293341375deb1b8321516f34b7
e59ce1d3b38f496f56dfffa7388a4867facc9e7acae6bbbf22374fc3bf268e81
e845d2306c78cf59b1821f3fc0316bc2081dad94029a4d98a487d2977e1e8a00
ec21fdac71d754a68b5e19acf07442f1ca7f666483f5d83eb63e41be683d9b0f
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
eccb869ac94b5913c7de835ba0755d6c4b09a26cc709d69f1f364141fcdc53bd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef51d8df2feec3accfe9a5275a64def5d77465add4be0b9741c7ff0f6edca1df
ef71352e0a4b4b55774686c8bb9ad5783b33460c6dae197532b954f008379390
f0d8fe227ec2e803f9c176208dc047140089b580a8722b4c17d64eece8eb41b5
f2a6463de97e090de322b1f61620101c0fe90806e87052af3ddc1151dfa7d212
f693f116ace8ff34b15f0c907bd75a41d85a9dc2d1b2de39aeba00460624f8ed
f88bcde81aace5bc260fd0a8ae132131fb2941b1b61195d399a6f40f575d044d
fc4969afcf1d9804f4f899a6f975b31bfb66408bc7fd43404c6172dc5f79994e
fea2eb260146bdad234decd71e009965911fe9bf6f1f09afeb0f39a80b68866b
ff25a3558bfc76f1e6aecb41b5063f2c6c02d79d5a7f93c2703474dd7ffdb229