urlscan.io logo urlscan.io
SecurityTrails logo

reurl.cc Open in urlscan Pro
35.185.130.121  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://reurl.cc/AOW97Q
Effective URL: https://reurl.cc/AOW97Q
Submission: On October 11 via manual from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 70 IPs in 7 countries across 52 domains to perform 381 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 218303.
TLS certificate: Issued by R3 on September 23rd 2022. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 35.185.130.121 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
34 203.75.214.136 3462 (HINET Dat...)
3 35.186.215.140 15169 (GOOGLE)
15 143.204.86.121 16509 (AMAZON-02)
40 2600:9000:221... 16509 (AMAZON-02)
3 2a03:2880:f00... 32934 (FACEBOOK)
4 2a03:2880:f10... 32934 (FACEBOOK)
1 35.244.196.223 15169 (GOOGLE)
3 2404:6800:400... 15169 (GOOGLE)
4 2406:2000:a4:... 10230 (YAHOO-SG ...)
2 106.10.248.144 56173 (YAHOO-SG3...)
1 2406:2000:ec:... 24506 (YAHOO-TP2...)
6 210.59.219.180 3462 (HINET Dat...)
1 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
5 2600:9000:21e... 16509 (AMAZON-02)
2 34.95.67.231 396982 (GOOGLE-CL...)
1 6 35.201.76.93 15169 (GOOGLE)
1 34.146.32.226 396982 (GOOGLE-CL...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 192.0.77.2 2635 (AUTOMATTIC)
1 192.0.78.135 2635 (AUTOMATTIC)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 34.102.176.152 396982 (GOOGLE-CL...)
1 192.0.78.236 2635 (AUTOMATTIC)
1 8 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
12 182.161.74.18 55569 (CRITEO-AS...)
7 103.132.192.30 138552 (RTBHOUSE-...)
7 54.250.169.244 16509 (AMAZON-02)
2 103.254.153.160 59253 (LEASEWEB-...)
7 210.59.219.181 3462 (HINET Dat...)
8 2406:2600:4::1 55569 (CRITEO-AS...)
9 18 34.96.119.68 396982 (GOOGLE-CL...)
9 9 172.104.64.149 63949 (LINODE-AP...)
5 34.117.219.39 396982 (GOOGLE-CL...)
11 24 172.217.175.66 15169 (GOOGLE)
2 210.59.219.175 3462 (HINET Dat...)
2 2 23.194.224.97 16625 (AKAMAI-AS)
4 23.10.15.201 20940 (AKAMAI-ASN1)
8 209.58.188.181 133752 (LEASEWEB-...)
4 6 8.39.36.141 26667 (RUBICONPR...)
2 35.227.249.156 15169 (GOOGLE)
2 54.65.98.177 16509 (AMAZON-02)
2 2 69.173.158.64 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 52.95.118.179 16509 (AMAZON-02)
2 5 8.39.36.142 26667 (RUBICONPR...)
2 2 35.71.131.137 16509 (AMAZON-02)
1 1 2406:da18:929... 16509 (AMAZON-02)
2 3 209.54.182.161 16509 (AMAZON-02)
1 106.10.236.141 56173 (YAHOO-SG3...)
2 4 209.58.171.197 59253 (LEASEWEB-...)
6 2606:4700:20:... 13335 (CLOUDFLAR...)
4 8 2406:2600:4::b 55569 (CRITEO-AS...)
6 182.161.74.11 55569 (CRITEO-AS...)
6 2404:6800:400... 15169 (GOOGLE)
46 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
4 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
21 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
6 2404:6800:400... 15169 (GOOGLE)
9 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 2 2001:df2:a300... 6336 (TURN-US-ASN)
1 1 31.220.27.135 ()
3 3 74.118.186.45 26120 (RHYTHMONE)
4 4 35.71.178.8 16509 (AMAZON-02)
1 2 51.79.234.101 16276 (OVH)
1 2 23.45.61.118 20940 (AKAMAI-ASN1)
1 1 3.113.143.78 16509 (AMAZON-02)
1 1 18.210.86.232 ()
1 1 23.219.68.21 4230 (CLARO S.A.)
1 1 18.178.52.42 16509 (AMAZON-02)
1 1 52.77.85.240 16509 (AMAZON-02)
2 3 70.42.32.63 ()
3 2404:6800:400... 15169 (GOOGLE)
381 70
7    35.185.130.121 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
2    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
34    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
a82a450e-9668-48fc-ace4-bae99097fbf1.t.ssp.hinet.net
3    35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com
ad.sitemaji.com
15    143.204.86.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-86-121.nrt12.r.cloudfront.net
img.scupio.com
40    2600:9000:221a:2c00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.holmesmind.com
3    2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
4    2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com
storage.re-news.tw
3    2404:6800:4004:810::200e (Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2406:2000:a4:9fe:: (Taiwan)

ASN10230 (YAHOO-SG internet content provider, SG)
s.yimg.com
2    106.10.248.144 (Singapore, Singapore)

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: media-router-flurry71.prod.media.vip.sg3.yahoo.com
ads.yap.yahoo.com
1    2406:2000:ec:c38::2001 (Taoyuan City, Taiwan)

ASN24506 (YAHOO-TP2 YAHOO! TAIWAN HOLDINGS LIMITED, TAIWAN BRANCH, TW)
geo.yahoo.com
6    210.59.219.180 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
bw.scupio.com
1    2404:6800:4008:c05::9d (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2404:6800:4004:827::200a (Australia)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
5    2600:9000:21ee:3200:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)
adcdn.holmesmind.com
2    34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com
fcm.holmesmind.com
6    35.201.76.93 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
1    34.146.32.226 (Tokyo, Japan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 226.32.146.34.bc.googleusercontent.com
www.rayskyinvest.com
1    2606:4700::6810:fc04 (United States)

ASN13335 (CLOUDFLARENET, US)
mma.prnasia.com
1    2606:4700:3034::6815:6009 (United States)

ASN13335 (CLOUDFLARENET, US)
img.gbyhn.com.tw
1    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com
i0.wp.com
1    192.0.78.135 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
creditcards.com.tw
1    2606:4700:3032::ac43:b27d (United States)

ASN13335 (CLOUDFLARENET, US)
img.racingcharger.tw
1    34.102.176.152 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 152.176.102.34.bc.googleusercontent.com
static.wixstatic.com
1    192.0.78.236 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
blog.alphaloan.co
8    2404:6800:4004:826::2004 (Australia)

ASN15169 (GOOGLE, US)
www.google.com
1    2404:6800:4004:81c::2003 (Australia)

ASN15169 (GOOGLE, US)
www.google.co.jp
12    182.161.74.18 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
7    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
7    54.250.169.244 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-250-169-244.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
2    103.254.153.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
hb.aralego.com
7    210.59.219.181 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
prebid.scupio.com
8    2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
18    34.96.119.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.119.96.34.bc.googleusercontent.com
ad2.apx.appier.net
9    172.104.64.149 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1674-149.members.linode.com
gocm.c.appier.net
5    34.117.219.39 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 39.219.117.34.bc.googleusercontent.com
fp.holmesmind.com
24    172.217.175.66 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s20-in-f2.1e100.net
cm.g.doubleclick.net
2    210.59.219.175 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
rec.scupio.com
2    23.194.224.97 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-194-224-97.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
4    23.10.15.201 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-10-15-201.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
8    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
6    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    35.227.249.156 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 156.249.227.35.bc.googleusercontent.com
m.holmesmind.com
2    54.65.98.177 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-98-177.ap-northeast-1.compute.amazonaws.com
ccm.holmesmind.com
2    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel-apac.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    52.95.118.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
5    8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2406:da18:929:5a01:6c26:a2b6:665f:21f4 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    106.10.236.141 (Singapore, Singapore)

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: beap1.cbs.vip.sg3.yahoo.com
sg3.beap.gemini.yahoo.com
4    209.58.171.197 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
6    2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
8    2406:2600:4::b (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
6    182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
mug.criteo.com
6    2404:6800:4004:824::2002 (Australia)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
46    2404:6800:4004:808::2002 (Australia)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2404:6800:4004:822::2002 (Australia)

ASN15169 (GOOGLE, US)
adservice.google.co.jp
4    2404:6800:4004:826::2002 (Australia)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2404:6800:4004:824::2001 (Australia)

ASN15169 (GOOGLE, US)
a68e1a3c4927d78132c552ef7f8001c7.safeframe.googlesyndication.com
3e3d73b1116a47605b56ec3a336ccdc0.safeframe.googlesyndication.com
21    2404:6800:4004:81d::2001 (Australia)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2404:6800:4004:827::2002 (Australia)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
6    2404:6800:4004:811::2002 (Australia)

ASN15169 (GOOGLE, US)
adservice.google.co.jp
googleads.g.doubleclick.net
9    2404:6800:4004:801::2003 (Australia)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2404:6800:4004:823::2002 (Australia)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2404:6800:4004:80c::200a (Australia)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2001:df2:a300:bbbb::135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
1    31.220.27.135 (None, )

ASN- ()
s.uuidksinc.net
3    74.118.186.45 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
4    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
2    51.79.234.101 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net
onetag-sys.com
2    23.45.61.118 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-61-118.deploy.static.akamaitechnologies.com
sync.teads.tv
1    3.113.143.78 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-113-143-78.ap-northeast-1.compute.amazonaws.com
v9999.adv.admeme.net
1    18.210.86.232 (None, )

ASN- ()
sync.srv.stackadapt.com
1    23.219.68.21 (Tokyo, Japan)

ASN4230 (CLARO S.A., BR)
PTR: a23-219-68-21.deploy.static.akamaitechnologies.com
cs.media.net
1    18.178.52.42 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-52-42.ap-northeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    52.77.85.240 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-85-240.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
3    70.42.32.63 (None, )

ASN- ()
b1sync.zemanta.com
3    2404:6800:4004:811::2003 (Australia)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
69 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
a68e1a3c4927d78132c552ef7f8001c7.safeframe.googlesyndication.com
3e3d73b1116a47605b56ec3a336ccdc0.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 170
584 KB
69 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 116450
adcdn.holmesmind.com — Cisco Umbrella Rank: 113466
fcm.holmesmind.com — Cisco Umbrella Rank: 119918
c.holmesmind.com — Cisco Umbrella Rank: 91749
ad.holmesmind.com — Cisco Umbrella Rank: 84515
fp.holmesmind.com — Cisco Umbrella Rank: 114348
m.holmesmind.com — Cisco Umbrella Rank: 269955
ccm.holmesmind.com — Cisco Umbrella Rank: 489904
225 KB
35 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 171
cm.g.doubleclick.net — Cisco Umbrella Rank: 304
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
373 KB
34 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 79697
a82a450e-9668-48fc-ace4-bae99097fbf1.t.ssp.hinet.net
27 KB
30 scupio.com
img.scupio.com — Cisco Umbrella Rank: 69154
bw.scupio.com — Cisco Umbrella Rank: 120865
prebid.scupio.com — Cisco Umbrella Rank: 63991
rec.scupio.com — Cisco Umbrella Rank: 139508
348 KB
27 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 33563
gocm.c.appier.net — Cisco Umbrella Rank: 3834
4 KB
26 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 844
gum.criteo.com — Cisco Umbrella Rank: 486
mug.criteo.com — Cisco Umbrella Rank: 1859
21 KB
19 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1345
eus.rubiconproject.com — Cisco Umbrella Rank: 861
token.rubiconproject.com — Cisco Umbrella Rank: 1067
pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 25270
pixel.rubiconproject.com — Cisco Umbrella Rank: 493
29 KB
14 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 16342
sync.aralego.com — Cisco Umbrella Rank: 4213
ads.aralego.com — Cisco Umbrella Rank: 23455
6 KB
12 gstatic.com
www.gstatic.com
fonts.gstatic.com
121 KB
12 google.com
www.google.com — Cisco Umbrella Rank: 19
adservice.google.com — Cisco Umbrella Rank: 136
4 KB
8 criteo.net
static.criteo.net — Cisco Umbrella Rank: 789
272 KB
7 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 14452
1 KB
7 reurl.cc
reurl.cc — Cisco Umbrella Rank: 218303
6 KB
6 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9439
89 KB
6 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1300
s.amazon-adsystem.com — Cisco Umbrella Rank: 427
4 KB
6 yahoo.com
ads.yap.yahoo.com — Cisco Umbrella Rank: 12853
geo.yahoo.com — Cisco Umbrella Rank: 1914
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 735
sg3.beap.gemini.yahoo.com — Cisco Umbrella Rank: 36412
ups.analytics.yahoo.com — Cisco Umbrella Rank: 432
8 KB
5 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 13296
adservice.google.co.jp — Cisco Umbrella Rank: 55951
2 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 601
2 KB
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 485
fonts.googleapis.com — Cisco Umbrella Rank: 118
69 KB
4 yimg.com
s.yimg.com — Cisco Umbrella Rank: 650
39 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 115
9 KB
3 zemanta.com
b1sync.zemanta.com
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
20 KB
3 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 94551
11 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1522
610 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1080
585 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 796
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 1257
r.turn.com — Cisco Umbrella Rank: 5416
869 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 228
93 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1003
1012 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 463
944 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 203
35 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 492
57 KB
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 820
396 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 2337
1 KB
1 stackadapt.com
sync.srv.stackadapt.com
753 B
1 admeme.net
v9999.adv.admeme.net — Cisco Umbrella Rank: 126862
358 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1879
572 B
1 uuidksinc.net
s.uuidksinc.net
290 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 850
571 B
1 alphaloan.co
blog.alphaloan.co
133 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 7283
1 MB
1 racingcharger.tw
img.racingcharger.tw
90 KB
1 creditcards.com.tw
creditcards.com.tw
152 KB
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 3762
360 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
34 KB
1 prnasia.com
mma.prnasia.com
61 KB
1 rayskyinvest.com
www.rayskyinvest.com
20 KB
1 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 611
5 KB
1 re-news.tw
storage.re-news.tw
6 KB
0 inmobi.com Failed
sync.inmobi.com Failed
381 52
Domain Requested by
46 pagead2.googlesyndication.com ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
reurl.cc
www.gstatic.com
googleads.g.doubleclick.net
www.googletagservices.com
40 cdn.holmesmind.com reurl.cc
cdn.holmesmind.com
ad.holmesmind.com
26 t.ssp.hinet.net reurl.cc
t.ssp.hinet.net
cdn.holmesmind.com
24 cm.g.doubleclick.net 11 redirects eus.rubiconproject.com
reurl.cc
googleads.g.doubleclick.net
21 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
reurl.cc
googleads.g.doubleclick.net
pagead2.googlesyndication.com
18 ad2.apx.appier.net 9 redirects reurl.cc
15 img.scupio.com reurl.cc
img.scupio.com
12 bidder.criteo.com img.scupio.com
static.criteo.net
9 www.gstatic.com googleads.g.doubleclick.net
9 gocm.c.appier.net 9 redirects
8 gum.criteo.com 4 redirects static.criteo.net
8 sync.aralego.com img.scupio.com
ads.aralego.com
reurl.cc
8 a82a450e-9668-48fc-ace4-bae99097fbf1.t.ssp.hinet.net reurl.cc
t.ssp.hinet.net
cdn.holmesmind.com
8 static.criteo.net cdn.holmesmind.com
img.scupio.com
static.criteo.net
8 www.google.com 1 redirects reurl.cc
tpc.googlesyndication.com
googleads.g.doubleclick.net
7 prebid.scupio.com img.scupio.com
cdn.holmesmind.com
7 ad.holmesmind.com img.scupio.com
cdn.holmesmind.com
7 prebid-asia.creativecdn.com img.scupio.com
cdn.holmesmind.com
7 reurl.cc 1 redirects reurl.cc
6 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
6 mug.criteo.com reurl.cc
6 cdn.aralego.net reurl.cc
ads.aralego.com
6 token.rubiconproject.com 4 redirects eus.rubiconproject.com
6 c.holmesmind.com 1 redirects cdn.holmesmind.com
reurl.cc
img.scupio.com
6 bw.scupio.com img.scupio.com
ajax.googleapis.com
eus.rubiconproject.com
5 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
5 fp.holmesmind.com cdn.holmesmind.com
5 adcdn.holmesmind.com cdn.holmesmind.com
4 eb2.3lift.com 4 redirects
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4 adservice.google.co.jp securepubads.g.doubleclick.net
pagead2.googlesyndication.com
4 ads.aralego.com 2 redirects ads.aralego.com
4 eus.rubiconproject.com reurl.cc
eus.rubiconproject.com
4 s.yimg.com ad.sitemaji.com
s.yimg.com
reurl.cc
4 www.facebook.com reurl.cc
img.scupio.com
3 fonts.gstatic.com fonts.googleapis.com
3 b1sync.zemanta.com 2 redirects reurl.cc
3 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 aax-eu.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 www.google-analytics.com reurl.cc
www.google-analytics.com
3 ad.sitemaji.com reurl.cc
ad.sitemaji.com
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 onetag-sys.com 1 redirects reurl.cc
2 sync.1rx.io 2 redirects
2 fonts.googleapis.com googleads.g.doubleclick.net
2 www.googletagservices.com googleads.g.doubleclick.net
2 partner.googleadservices.com pagead2.googlesyndication.com
2 match.adsrvr.org 2 redirects
2 pixel-apac.rubiconproject.com 2 redirects
2 ccm.holmesmind.com reurl.cc
cdn.holmesmind.com
2 m.holmesmind.com cdn.holmesmind.com
2 secure-assets.rubiconproject.com 2 redirects
2 rec.scupio.com img.scupio.com
2 hb.aralego.com img.scupio.com
2 fcm.holmesmind.com cdn.holmesmind.com
2 ajax.googleapis.com img.scupio.com
2 ads.yap.yahoo.com s.yimg.com
reurl.cc
2 connect.facebook.net reurl.cc
connect.facebook.net
2 cdn.jsdelivr.net reurl.cc
1 match.sharethrough.com 1 redirects
1 ups.analytics.yahoo.com 1 redirects
1 cs.media.net 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 v9999.adv.admeme.net 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 r.turn.com reurl.cc
1 ad.turn.com 1 redirects
1 3e3d73b1116a47605b56ec3a336ccdc0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 a68e1a3c4927d78132c552ef7f8001c7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 sg3.beap.gemini.yahoo.com reurl.cc
1 pr-bh.ybp.yahoo.com 1 redirects
1 px.ads.linkedin.com eus.rubiconproject.com
1 www.google.co.jp reurl.cc
1 blog.alphaloan.co reurl.cc
1 static.wixstatic.com reurl.cc
1 img.racingcharger.tw reurl.cc
1 creditcards.com.tw reurl.cc
1 i0.wp.com reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 mma.prnasia.com reurl.cc
1 www.rayskyinvest.com reurl.cc
1 static.xx.fbcdn.net www.facebook.com
1 stats.g.doubleclick.net www.google-analytics.com
1 geo.yahoo.com reurl.cc
1 storage.re-news.tw reurl.cc
0 sync.inmobi.com Failed googleads.g.doubleclick.net
381 88

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R3		 2022-09-23 -
2022-12-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
*.ssp.hinet.net
 2021-10-12 -
2022-10-12		 a year crt.sh
feebee.com.tw
R3		 2022-08-23 -
2022-11-21		 3 months crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2021-10-13 -
2022-11-13		 a year crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-07-20 -
2022-10-18		 3 months crt.sh
storage.re-news.tw
GTS CA 1D4		 2022-08-26 -
2022-11-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-05 -
2022-10-26		 2 months crt.sh
m.yap.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-07-05 -
2022-12-28		 6 months crt.sh
yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-07-12 -
2023-01-04		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.rayskyinvest.com
R3		 2022-09-10 -
2022-12-09		 3 months crt.sh
*.prnasia.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-08 -
2022-12-08		 a year crt.sh
*.gbyhn.com.tw
E1		 2022-10-02 -
2022-12-31		 3 months crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-11 -
2023-07-12		 a year crt.sh
tls.automattic.com
R3		 2022-09-19 -
2022-12-18		 3 months crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-30 -
2022-10-27		 6 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google.co.jp
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.t.ssp.hinet.net
 2022-04-14 -
2023-04-14		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-17 -
2023-04-04		 a year crt.sh
*.beap.gemini.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-10-04 -
2023-03-29		 6 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh

This page contains 56 frames:

Primary Page: https://reurl.cc/AOW97Q
Frame ID: ED1FAA59E84E84CE1ED46A9A9432DBE9
Requests: 39 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 271266D412511E503D91FD8664545599
Requests: 2 HTTP requests in this frame

Frame: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Frame ID: 696E32F16E5E05DE5C296E4F683F9C88
Requests: 11 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.65
Frame ID: A085D00D77CE81DE4C86F129492AB611
Requests: 16 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.65
Frame ID: 4D9A513C8E0A430455B19557CBFE77A2
Requests: 16 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: A2E12F8D35F86EFBAD11AE62F712C4A0
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: B12A0D06930ACA7E31CE4B0824FB4E9D
Requests: 21 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 34DF40CA4BC54A80C5E78E32D46558E6
Requests: 11 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: FB9A3A40D988ACA6DDB1EAA25D46D937
Requests: 20 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: F28B98888D1C4E873777CDEDF28A434B
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1364-WW3teI1m40crB4REkJYwessMlf1hnrnM&CFFPCKUUID=2517-mXQmLn3Qryv1k5NeEOjaL5FWxmhv0Gsw&url=https%3A%2F%2Freurl.cc%2FAOW97Q&maindomain=reurl.cc
Frame ID: 3E424F0098BC73FCE9AFA53ED902F4D5
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1364-WW3teI1m40crB4REkJYwessMlf1hnrnM&CFFPCKUUID=2517-mXQmLn3Qryv1k5NeEOjaL5FWxmhv0Gsw&url=https%3A%2F%2Freurl.cc%2FAOW97Q&maindomain=reurl.cc
Frame ID: 3B3938749BE9E59972D8A384BC199AA6
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1364-WW3teI1m40crB4REkJYwessMlf1hnrnM&CFFPCKUUID=2517-mXQmLn3Qryv1k5NeEOjaL5FWxmhv0Gsw&url=https%3A%2F%2Freurl.cc%2FAOW97Q&maindomain=reurl.cc
Frame ID: 80F35464D1965D5D72CD249ABE113C3B
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Frame ID: FDC943A317D97F4DEC0F8678FF48A1A1
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Frame ID: 0DE8D2084AA3C9F4ED066ED624535107
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 8B6DC4D6BFBD70A721A20B21F989119C
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEFF1A6WN7fCUtp0qSg3Y78E&google_cver=1&google_ula=3918219,0
Frame ID: 8114C4836BB2F336A59FD19A1F41131E
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 1CF96E95E09C1ABD9899D488FD568319
Requests: 12 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: AC68926282873CC2726C42B80E561BFF
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMPXHmyBjFS7xvsczy9764s&google_cver=1&google_ula=3918219,0
Frame ID: 237D750A1FFD6F623518EFED6D9F7D36
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 7BC0E02AA54FCE4E6A91A80FABD58A71
Requests: 4 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 5C3E0F8C1F3938CEDE21C00D9233FBC6
Requests: 3 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 7E7E61659D7DE71944D96B4B30D7797A
Requests: 3 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: FB3AE2349F3345818AA3E19835371F11
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 389665557963B4AFBFBD7A751C6A0D95
Requests: 19 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: A5FA8F9EF627D0CCF4D835B02F48AF5B
Requests: 8 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 697B0D76E6E8AA915440D582433CEE8B
Requests: 19 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: BEBA5D15790C9EC1BD22395F3365BD31
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 2BB26F1A57CF9D6C9F2A92F0AAFD4198
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1364-WW3teI1m40crB4REkJYwessMlf1hnrnM&CFFPCKUUID=2517-mXQmLn3Qryv1k5NeEOjaL5FWxmhv0Gsw&url=https%3A%2F%2Freurl.cc%2FAOW97Q&maindomain=reurl.cc
Frame ID: E1FED4B6445B579763DDF0487FEF9F0D
Requests: 1 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1364-WW3teI1m40crB4REkJYwessMlf1hnrnM&CFFPCKUUID=2517-mXQmLn3Qryv1k5NeEOjaL5FWxmhv0Gsw&url=https%3A%2F%2Freurl.cc%2FAOW97Q&maindomain=reurl.cc
Frame ID: E0C159841BD530BE6808836EB53FB4B4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Frame ID: 8E4F069BA242B11560FDB715B46C5E99
Requests: 5 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Frame ID: B094FEE800562C6562B45EC6DFCE31A7
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: EF008E240AEAE31F16814472D2B96743
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 3DFC410A3616217E20F27B8C630F2EFC
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 2FC57DEEE0DA1F5EA2669A6FDBF75209
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 192464916678B02BE9C28AA0EB093525
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 5DC042439DA472961A02E5C4630A491B
Requests: 8 HTTP requests in this frame

Frame: https://a68e1a3c4927d78132c552ef7f8001c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Frame ID: 20EAE71D179CEABE23DEA2308B789D1B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: CC8DC40A963CB250A1BF2754574AB47D
Requests: 8 HTTP requests in this frame

Frame: https://3e3d73b1116a47605b56ec3a336ccdc0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Frame ID: F596C295BF5F12F2ED3F17CB7A4BBD08
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Frame ID: 7F124796B9DFC81DCF7BE0267D1F7D38
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301471&bpp=9&bdt=622&idt=190&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=1&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=662412593&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2437527076&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C31070198%2C42531705%2C44767166%2C31070152&oid=2&pvsid=3749170160334136&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.desj8w3d0izk&fsb=1&dtd=204
Frame ID: 227D5FA2A7E2A9B65E4F4A1E1861576E
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 830D57A7FF8EF75E0585384AE2931BE6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E0736677F0CA59CD1126B0140F3725B3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FBA9E249B7376C8AEF828729773D5AB0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 31CF7E08ED9948E61EDA9B2BCB3B13CF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AD3C689C663B361776B93BEC5327A74B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 21663DDFB7A363D5293B52467E5CC7D6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FF56394A43F209F5F70B90CA6CAA780B
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
Frame ID: 3FAB0A198AD24B59B8A3747D925C3376
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F7759617F1280021488831CEC5388A9B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 79FCDA80C4F69D08E6B8AA7653E21283
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
Frame ID: 023156840D7944140C7457B7EAF87649
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 613250AA7BABBCB9401F8AE56BE77131
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ED893B2200FAB1CF0EBACEF61DF192DA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

縮短網址產生器 - reurl

Page URL History Show full URLs

  1. http://reurl.cc/AOW97Q HTTP 301
    https://reurl.cc/AOW97Q Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

381
Requests

88 %
HTTPS

40 %
IPv6

52
Domains

88
Subdomains

70
IPs

7
Countries

4459 kB
Transfer

7936 kB
Size

55
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://reurl.cc/AOW97Q HTTP 301
    https://reurl.cc/AOW97Q Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 92
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=61mfCMVhCySvTzFCI8VEYw
Request Chain 93
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
Request Chain 95
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=6vzw24YYCCWGQJw3I8VEYw
Request Chain 109
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
Request Chain 110
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
Request Chain 131
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0xBMjAyMjEwMTEwOTIxMzkxMzQxOTY%3d&layout=js HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q0xBMjAyMjEwMTEwOTIxMzkxMzQxOTY%3D&layout=js&google_tc= HTTP 302
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEFF1A6WN7fCUtp0qSg3Y78E&google_cver=1&google_ula=3918219,0
Request Chain 132
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Request Chain 136
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q05BMjAyMjEwMTEwOTIxMzk2NjIyMw%3d%3d&layout=js HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q05BMjAyMjEwMTEwOTIxMzk2NjIyMw%3D%3D&layout=js&google_tc= HTTP 302
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMPXHmyBjFS7xvsczy9764s&google_cver=1&google_ula=3918219,0
Request Chain 137
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Request Chain 155
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=623678-AmEB5UCFn4MMaEvDbFN6TIEZ61o0PnCZ&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=623678-AmEB5UCFn4MMaEvDbFN6TIEZ61o0PnCZ&uu_m=undefined&google_gid=CAESEFOJICvX6Qc5QucSF5Pbofg&google_cver=1
Request Chain 163
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=623678-AmEB5UCFn4MMaEvDbFN6TIEZ61o0PnCZ&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=623678-AmEB5UCFn4MMaEvDbFN6TIEZ61o0PnCZ&uu_m=undefined&google_gid=CAESEFOJICvX6Qc5QucSF5Pbofg&google_cver=1
Request Chain 184
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
Request Chain 186
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
Request Chain 188
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
Request Chain 189
  • https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
Request Chain 202
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell&khaos=L93IPBJ8-Y-5JGE HTTP 302
  • https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L93IPBJ8-Y-5JGE
Request Chain 203
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell&khaos=L93IPBJF-4-4D2L HTTP 302
  • https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L93IPBJF-4-4D2L
Request Chain 208
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L93IPBJF-4-4D2L
Request Chain 209
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_Mw8WITQSuO1lV6bXQV1aA&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_Mw8WITQSuO1lV6bXQV1aA
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAr3brY59QJ92SqK3KInC8E&google_cver=1
Request Chain 211
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://match.adsrvr.org/track/cmb/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a0426e15-7af9-494b-b3ae-0fc5f4a46953&gdpr=0&gdpr_consent=&expires=30
Request Chain 212
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmFkNzQwZTRiYTcwN2I5YzZlNjAwOTk4ZDM5OWM1M2M0OGEyYTgwMQ
Request Chain 213
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/zAFkcbfigXWdZh0t9NM5SA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5281871935908473671
Request Chain 214
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2MVU0Q4GRPWt0IRN5t7T1A&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2MVU0Q4GRPWt0IRN5t7T1A
Request Chain 215
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDkzSVBCSkYtNC00RDJM
Request Chain 222
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 223
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 234
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=CajpvXwySkpXM2xLMWlHTHFFZkNmM2xKZ0lLZGE1dkI4U2ZBOU5zc3VBeTVaemRyMnJxZFhyQ3lyNlVYdHJ3c2xBOXB0ek5yL0VkMk5JMXBNMUFocHVKUVBNdThrdm5URnVFUzhmaHZta1ZXZGpYaFFUL2tQVWFyY2NyVDFSeWp2M3RGcGJGNWtRNDdOc0lFZmlYMnJhRkRxVXlrVHh1VHB6LzVCUlY1NEtDSkwwVXA2ZWYrMGNDelZQV3I5ZWx4V1VNRVBMcmRRNGJJY2gzdUVEYVJScWtLYzk3Q3ZGYXYzU2NSK0ZFMjBxVlB3bUVCcGhraFRHbTJrbkhpOElmTUEvdmxVclQwMjdXdXNqYnVGUm1DRkkyaFM1Y0dsWElEelQ1MWJUS2lsbFJscDlqdz18&cppv=2
Request Chain 235
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Jjh8hnxwNmFKbldJV2FqYWNJWm5vOE9UeDVZMTJnY3piVWU3V1Q1cENvbXFHcTZaYnE4Z0F4Z2hQTWpFUUJmZ2JlVVJ0SDZoSEZ1aHFSNTZOZzJyQ1B6d1Nodnh5czRwU3BPU3Y1bTVIWVAyaWF5dDF1ZUhieXFsQmRLWkVFcUt1cjlWaDc3QzJEZTJOYjYwTmtsY1p5RThva1l1Y01SdGJDbkdlMUpMK2M0eDJrM0dlYmRBd0N3VER5YzRNWU1jUEN6N2Y0ajRXak5wblBzUTVSdUFzZmlzZGF4ajNKZ2p4eFAyclNWVDduaUZQVVpLdEcva2JyZ0ZieXJ2VllFbFpPZ0RTL0pCSVFvR28vREdXUGQzQ2xoL1BZZHZRektieXRwazhzVHovR0ljOUdCWT18&cppv=2
Request Chain 285
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=9TAQ63xKeDZCVHJjOUhGTUFVZ3Y5cHJVSXBBbjhqeFpRcENIb3ZDd21uOU1GcjFHcTZTMVFjdWpRdTg5d1NvM1RwTTNLekRveWJnOTc3NXFrY3ljTHdmaE1UQmxVd3N3NFdJZ0N3QWRtNmdwekc5VnZzYkNJM3VhMjJRclBRMVJjcExIN29oS0R5eGNoNFdxZUNyZHlnM1hwMXNuNFJkbkZEdUlBdEJuVzlkNzk3WEdhem9IY1hiY2VsdExRcVpqMmo3UWY0Z0lNc29wZ05UYXpxYXNMRGdxalM5NTVmRU9sVnYyNGFQRUsyTUljeVZrN1gxSVhDWWYrMXF5MVY2S0R6T2ZRc09Za3M2eTdJWER4MTNnTlZ0N1AxQWRIaVVzeFpzRVVERXgzMW9QUVZxZz18&cppv=2
Request Chain 289
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=nXiO8Xw5Q1hZcXJDUGQ0UUExWnJaek9lRmlLb2tVWmgzM1A0Tmc4QVZ2b2VqU0JRWjR4K2ZrZE41a1duOVIzemhXT2xoZkpNZFNnWmwvUHVsUDVreXZ0THRGSVY3MjZvTWNGaitDM3JNcm1lWkRqVkt2ZkpmWkZ4L1FhTjV2NlZZV2ZyTUIvSE4wNVJHajNTMkQ3Y2NvL1U0ZHNaNFFmK05qUW1YSFJmcXB2Z1FPZGdlbzZlVklvdHNFQnBwTUZ3dk4xZDNLbTN1ZnZZbkhWd0NqdHk0bHowdmhsS0J1TkVKSnZtQTBxZHIzSUM2Q2pMRnd2RHpjYW1uMU5mYjZOR2ovVGNYTk1xUkxob0dVTDB5Tmttck9UVm9MVUNIYnhRNWNJa1REVDZEbE12cE5ITT18&cppv=2
Request Chain 340
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBthAws4h6eCzDpugl-SiIE&google_cver=1&google_push=AZmPxg8PxB0kNOKss7f6swWWZvoEyyQVOxsGWFjyoRIKh2RuSlcMI9AD1c6fOGditwVg2mL1pfREpC-ccjuZPVBTMxvt5guDLn4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NjkyOTkwODk0NjQ4MjU4NTE2OA==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBthAws4h6eCzDpugl-SiIE&google_cver=1
Request Chain 341
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEN6rnL9SQb0cRakcez1Rd4A&c_param1=AZmPxg9HgQXMsSiwONFg7Gey6awZNsXf75hDBIHav0E5cUCDAQqkxXVYtaoh5v7GBvXoMW4UaZKnJauYXlH37Su48WwloVJiRDA&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg9HgQXMsSiwONFg7Gey6awZNsXf75hDBIHav0E5cUCDAQqkxXVYtaoh5v7GBvXoMW4UaZKnJauYXlH37Su48WwloVJiRDA
Request Chain 342
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEFJUe8adJhAcHhL8zyH2xb4&google_cver=1&google_push=AZmPxg_d0_0QD1uTnbjSvZpBISqag1rvAJTVq9dqHmr5_--b3SUbYiuk3qm_hH3XhlPEkB0GPUUnhBO9k0f2PiHGX4WvGW-33w HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg_d0_0QD1uTnbjSvZpBISqag1rvAJTVq9dqHmr5_--b3SUbYiuk3qm_hH3XhlPEkB0GPUUnhBO9k0f2PiHGX4WvGW-33w&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1665451302715 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-d1b51988-47dd-4700-9946-afce5082d099-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg_d0_0QD1uTnbjSvZpBISqag1rvAJTVq9dqHmr5_--b3SUbYiuk3qm_hH3XhlPEkB0GPUUnhBO9k0f2PiHGX4WvGW-33w%26google_hm%3DBNG1GYhH3UcAmUavzlCC0Jk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_d0_0QD1uTnbjSvZpBISqag1rvAJTVq9dqHmr5_--b3SUbYiuk3qm_hH3XhlPEkB0GPUUnhBO9k0f2PiHGX4WvGW-33w&google_hm=BNG1GYhH3UcAmUavzlCC0Jk
Request Chain 343
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBq8OgC2MVPEIpxVIHDSI4Y&google_cver=1&google_push=AZmPxg-21usBG-x2kAC0LoECqI17JhSEinVpNAnVmo1Bpado0vorbpcjyFZB2saf99OgeqIVQBYJDPQ_YGuY6r8McdBPucK1Rb0 HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg-21usBG-x2kAC0LoECqI17JhSEinVpNAnVmo1Bpado0vorbpcjyFZB2saf99OgeqIVQBYJDPQ_YGuY6r8McdBPucK1Rb0&google_gid=CAESEBq8OgC2MVPEIpxVIHDSI4Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM4MzE3Mzk0NTUzNjMzMzIxMjc5Nw%3D%3D&google_push=AZmPxg-21usBG-x2kAC0LoECqI17JhSEinVpNAnVmo1Bpado0vorbpcjyFZB2saf99OgeqIVQBYJDPQ_YGuY6r8McdBPucK1Rb0
Request Chain 345
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDRQJWQ1bzIbzYcsWHEMH60&google_cver=1&google_push=AZmPxg-_GPLjjxaovpAssEI72yDyYX4JM25fCgyiECkSrPz4ZhNDFDCF0-HJdKu2nVASWE0CPjxFbpOTpk-LNxRYSfaDadY_cbEM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-_GPLjjxaovpAssEI72yDyYX4JM25fCgyiECkSrPz4ZhNDFDCF0-HJdKu2nVASWE0CPjxFbpOTpk-LNxRYSfaDadY_cbEM HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 346
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPmXqnPN0l4l5ClgMTyPB-8&google_cver=1&google_push=AZmPxg-x2PfTJn2uYLc2E3NE6q0mUzIRUkYJsvoCQcd8PjGr9lx3iTOU0x1RBkmgUL1r8qyfaoT1u0j8ZSe8usAK0s3pMR2pO23b HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZjYzNjMzMzUtZTYxZS00ZThkLWI4YjAtZGMzMDA4YzE2NWE1&google_push=AZmPxg-x2PfTJn2uYLc2E3NE6q0mUzIRUkYJsvoCQcd8PjGr9lx3iTOU0x1RBkmgUL1r8qyfaoT1u0j8ZSe8usAK0s3pMR2pO23b HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 348
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESELNbY9mMuKutEWnFlVPHEcw&google_cver=1&google_push=AZmPxg8p4diro5NnTfPupGB7N22JPbXae8JnBFtjW12xiX09zFdzDjMvxSqcqbQfumuyyYWxfbjEicwYW0EkJYcPIThgvZsG_stkq5w3PC2NPMwn1KzFDTyEdBSkhvDGE2ICcvzB-Hht5ar_7lSyVNNT5I0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg8p4diro5NnTfPupGB7N22JPbXae8JnBFtjW12xiX09zFdzDjMvxSqcqbQfumuyyYWxfbjEicwYW0EkJYcPIThgvZsG_stkq5w3PC2NPMwn1KzFDTyEdBSkhvDGE2ICcvzB-Hht5ar_7lSyVNNT5I0
Request Chain 349
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEEQ2Uqpv_52AiObiXT3z18c&google_cver=1&google_push=AZmPxg_-mbZifIBUeQC-QmyqzVzatVgF3HKqmDS7Vp64XJ13p7a-gy5f87E5-jkpGZJqVNTRqRzscWKwFVZiYjH_H5BH5lBTt1MgS7vv9Zdg4o_DCVtBJql0MTO-BrkHm8MXKZ53X2xRMSbOpBqH6mM4ffU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kgzUxFamSi1rz41Y_ssFntmK_Kg&google_push=AZmPxg_-mbZifIBUeQC-QmyqzVzatVgF3HKqmDS7Vp64XJ13p7a-gy5f87E5-jkpGZJqVNTRqRzscWKwFVZiYjH_H5BH5lBTt1MgS7vv9Zdg4o_DCVtBJql0MTO-BrkHm8MXKZ53X2xRMSbOpBqH6mM4ffU
Request Chain 350
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBq8OgC2MVPEIpxVIHDSI4Y&google_cver=1&google_push=AZmPxg-lMy5V7xp1s8zDwGcZ3UMZ2RXVfI7BbRUuQlgpiW4qv5sW64Ejj5Iuwfi7ZLzQJHDy5mRghc1t07jYIJiLP3PxmQzvG1VT-sxYrrVVAIA-TJbxvYJcLeoVR2Khzs8rqq8loZqsYy7nOnukzWqlolQ HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg-lMy5V7xp1s8zDwGcZ3UMZ2RXVfI7BbRUuQlgpiW4qv5sW64Ejj5Iuwfi7ZLzQJHDy5mRghc1t07jYIJiLP3PxmQzvG1VT-sxYrrVVAIA-TJbxvYJcLeoVR2Khzs8rqq8loZqsYy7nOnukzWqlolQ&google_gid=CAESEBq8OgC2MVPEIpxVIHDSI4Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM4MzE3Mzk0NTUzNjMzMzIxMjc5Nw%3D%3D&google_push=AZmPxg-lMy5V7xp1s8zDwGcZ3UMZ2RXVfI7BbRUuQlgpiW4qv5sW64Ejj5Iuwfi7ZLzQJHDy5mRghc1t07jYIJiLP3PxmQzvG1VT-sxYrrVVAIA-TJbxvYJcLeoVR2Khzs8rqq8loZqsYy7nOnukzWqlolQ
Request Chain 351
  • https://cs.media.net/cksync?type=g&google_gid=CAESEC3WTEXXDQsAALDwonGtnjE&google_cver=1&google_push=AZmPxg_4wao-Y0J1R6apzHaP9bo7inIVHfFxC8fwCPnGQ-MncoF-54GpKWpX4_fFIbkwPnJuTzyGC_xsgnS-81HguJNjZ2FOpB5SfbmqM6rrrefgeI4c0WHUMoKOjH3Y3vi5ylrUSZb2_m7PJTt7fEyb7w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA4NDUyOTAyNjQ1MjA4OTAwMFYxMA%3d%3d&mn_hm=MzA4NDUyOTAyNjQ1MjA4OTAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg_4wao-Y0J1R6apzHaP9bo7inIVHfFxC8fwCPnGQ-MncoF-54GpKWpX4_fFIbkwPnJuTzyGC_xsgnS-81HguJNjZ2FOpB5SfbmqM6rrrefgeI4c0WHUMoKOjH3Y3vi5ylrUSZb2_m7PJTt7fEyb7w&gdpr=&gdpr_consent=
Request Chain 352
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEI-Tvh6XXIVDP-uZHJeOK6I&google_cver=1&google_push=AZmPxg-8d69Wtwx3t88IKkfaj6Y7YmxhQH9fAKNh0vVU9z1E9S2VDsbMdBIFDa6RGZjQAwkWaN1uekeUe_EcioCdkmA6K6j7t2LH5UK2ggkrTbd3NF8ik3dQRwMuvMnlzx9XaZWN9pkFX_9X7b2ReaBXb4OK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1BVTFzMGlORTJ1RV9QNUd4SFNDYjIzVVBJRy5yYmk3bX5B&google_push=AZmPxg-8d69Wtwx3t88IKkfaj6Y7YmxhQH9fAKNh0vVU9z1E9S2VDsbMdBIFDa6RGZjQAwkWaN1uekeUe_EcioCdkmA6K6j7t2LH5UK2ggkrTbd3NF8ik3dQRwMuvMnlzx9XaZWN9pkFX_9X7b2ReaBXb4OK
Request Chain 353
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEHjNEbrtD_mBQgdHdGvUExY&google_cver=1&google_push=AZmPxg98WahbLvGH4dYCdaEI1PcYbaciNSXxKfPL0fQzodJxr_ems_FXIl-eVJvOLrtXVw7_053yTVpDuuF8awSZWpou575S6gm-hJizeA8q9GYobe_AgNuVIO0JP7A9iwXWgoaY0U2U9AtBtJ2KetfFzJ_M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MWE1ZTY1M2ItZjYwNi00ZjA3LTkzZjctYzE3ZmYyYzkxNjgz&google_push=AZmPxg98WahbLvGH4dYCdaEI1PcYbaciNSXxKfPL0fQzodJxr_ems_FXIl-eVJvOLrtXVw7_053yTVpDuuF8awSZWpou575S6gm-hJizeA8q9GYobe_AgNuVIO0JP7A9iwXWgoaY0U2U9AtBtJ2KetfFzJ_M
Request Chain 354
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOPcPUon2MJLd3a93tuaG_0&google_cver=1&google_push=AZmPxg8DcNrLM1kLsAucsAWJDBeiksOOJqv6ch4LLAuzY7V_yO2fDokEKtEcLXy5sjh1HueVgi8JooHxV0VpRGKZJy6Kv_rFzGhxYhELGtQyVkWJHdJv-ZyQjf3PAQKfLqA_h3VAHNG5wxM5eVVvA4BpKvu9 HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOPcPUon2MJLd3a93tuaG_0&google_push=AZmPxg8DcNrLM1kLsAucsAWJDBeiksOOJqv6ch4LLAuzY7V_yO2fDokEKtEcLXy5sjh1HueVgi8JooHxV0VpRGKZJy6Kv_rFzGhxYhELGtQyVkWJHdJv-ZyQjf3PAQKfLqA_h3VAHNG5wxM5eVVvA4BpKvu9&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg8DcNrLM1kLsAucsAWJDBeiksOOJqv6ch4LLAuzY7V_yO2fDokEKtEcLXy5sjh1HueVgi8JooHxV0VpRGKZJy6Kv_rFzGhxYhELGtQyVkWJHdJv-ZyQjf3PAQKfLqA_h3VAHNG5wxM5eVVvA4BpKvu9&google_hm=cDAxYjg2NWhZaUtQbEtjYWMtSHk= HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Request Chain 356
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

381 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request AOW97Q
reurl.cc/
Redirect Chain
  • http://reurl.cc/AOW97Q
  • https://reurl.cc/AOW97Q
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
54454965d9ba364aea2c945becc31098cbb1f229ac18618cd3d8b4435116b07b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 11 Oct 2022 01:21:38 GMT
server
nginx/1.18.0 (Ubuntu)
target
https://www.gzsamz.tk/
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Tue, 11 Oct 2022 01:21:38 GMT
Location
https://reurl.cc/AOW97Q
Server
nginx/1.18.0 (Ubuntu)
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
17596753
x-jsd-version
4.3.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19134-FRA, cache-tyo11924-TYO
x-jsd-version-type
version
server
cloudflare
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9rBk6sJ6X5I1AvfNJhUgFzx8xHJwCYbVQlcEdSw0z%2BECo%2BH6D5TkIVVP%2FE8%2BqA516n17TnJNZKRnV0ahO7gjhG1twXrMIyYRaEbgDY%2Bd0w4msm5yvr%2FzRNSRz4knCurnXgiM0gRWh%2BywPyFjvE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7583c7b7ac21dfc5-NRT
style.css
reurl.cc/stylesheets/rwd/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/AOW97Q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-9f6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
expires
Wed, 11 Oct 2023 01:21:38 GMT
pixel.js
reurl.cc/javascripts/ 		429 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/AOW97Q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-1ad"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Wed, 11 Oct 2023 01:21:38 GMT
utag.js
t.ssp.hinet.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 11 Oct 2022 01:31:38 GMT
ysm_reurl.js
ad.sitemaji.com/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_reurl.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 17:08:26 GMT
content-encoding
br
via
1.1 google
last-modified
Thu, 20 Jun 2019 08:55:05 GMT
server
nginx/1.12.1 (Ubuntu)
age
29592
etag
W/"5d0b49e9-4488"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5880
expires
Tue, 11 Oct 2022 17:08:26 GMT
ad.js
img.scupio.com/js/ 		76 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/ad.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-121.nrt12.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
0b7c985fafda17e8085fb6ba1cc58444ae9aad39a3f721a627db9e64d4491cea

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:19:44 GMT
content-encoding
gzip
via
1.1 b4dadadff1d09a3efb8a9374bdfc2848.cloudfront.net (CloudFront)
last-modified
Mon, 19 Sep 2022 02:16:55 GMT
server
nginx/1.12.1
x-amz-cf-pop
NRT12-C2
age
120
etag
W/"6327d117-12f95"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=900
x-amz-cf-id
AS6_hpLryjFYHJK-hkYg8umLZTHjk_mTNS5svTg9BTcY2BVRLR9UJw==
expires
Tue, 11 Oct 2022 01:34:38 GMT
init.js
cdn.holmesmind.com/js/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Tue, 11 Oct 2022 01:20:49 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
49
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
KLCA-H1q7T6zj3P1i9Bhh3iLLrMnRKn0WRQkumUqv2MSvfQmqhKxbw==
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 		84 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
13074087
x-jsd-version
2.5.16
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19179-FRA, cache-tyo11930-TYO
x-jsd-version-type
version
server
cloudflare
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MW3%2BxF8f1GEKeEoWyFcpKBP61EtX6EeBVqF9QXJMBhvRG%2FJHAb%2Bk0v3dCZ2dTPe6A5Yc%2FRuUCybQl%2Fu4OoqQ%2BMJ3bCvty8kbFyKdvbPjd2qWmR54AiC2ECrmeS2sAydbQTdphIdafgDBkmd4QGs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7583c7b7bc25dfc5-NRT
renews.js
reurl.cc/javascripts/ 		412 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/AOW97Q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-19c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Wed, 11 Oct 2023 01:21:38 GMT
loading.js
reurl.cc/javascripts/ 		134 B
339 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/loading.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/AOW97Q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-86"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Wed, 11 Oct 2023 01:21:38 GMT
ga2.js
reurl.cc/javascripts/ 		536 B
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/javascripts/ga2.js?v=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/AOW97Q
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
content-encoding
gzip
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"63356adf-218"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
expires
Wed, 11 Oct 2023 01:21:38 GMT
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 11 Oct 2022 01:21:38 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26840
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
8W9Y2itd3tYr31VTnRw4tzTkPZ4fSUxuoeIqXMr6wVVZzrc6oDCflDgSQRIn9D7YClQ1p3uKCwm2Y/XNc+oCOw==
x-fb-trip-id
382461245
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
page.php
www.facebook.com/plugins/ Frame 2712 		15 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4e62a25bbe80c2c3495b491dbae49e52bec35832f5f972d979f20d3edd4bf0b3
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Tue, 11 Oct 2022 01:21:38 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
oOZuKwuVnereO36pS/rqmm4scNup3Yvhy8H3JuGQw5Bti6DuhmgIGlU4cQE2FvWjQLRc5G/MYs2zvVb4AOXrYg==
x-fb-rlafr
0
x-xss-protection
0
feeds
storage.re-news.tw/ 		6 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
a4d3c607ab3e7ec9cfdafac89c91e4ee58d991ddb33e312950f4e8f0c6ad20ba

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
via
1.1 google
x-powered-by
Express
etag
W/"18d7-snCPLh+ma27M8hLuJqETd8j3/a4"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6359
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/javascripts/ga2.js?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 10 Oct 2022 23:38:56 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6162
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 11 Oct 2022 01:38:56 GMT
reurl_passback.js
ad.sitemaji.com/native/ Frame 696E 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_reurl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 08:51:19 GMT
content-encoding
br
via
1.1 google
last-modified
Thu, 29 Aug 2019 10:21:02 GMT
server
nginx/1.12.1 (Ubuntu)
age
59419
etag
W/"5d67a70e-3bbe"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5256
expires
Tue, 11 Oct 2022 08:51:19 GMT
1675200226052423
connect.facebook.net/signals/config/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.84&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
44f3478b38f387fd6a818b63f5532b06a88c629155dbfeec6dacb641ae767a89
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 11 Oct 2022 01:21:38 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7345
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
4pi0DwDO4VfEhNgkrJH8P6Mknqv7Jr80Km4nid9goKVhF92r2bpCcRdbes0yyZVV2DekycGm+hbRrOhSDK7ZAQ==
x-fb-trip-id
382461245
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
native.js
s.yimg.com/dy/ads/ Frame 696E 		78 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/native/reurl_passback.js?s=728x90_pc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:a4:9fe:: , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
a19902458ab4a5513642a87b381b9183a2fc725849b581fd953e22d824d1c5a7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:20:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000
x-amz-request-id
P612KHQA19G3B634
age
60
x-amz-server-side-encryption
AES256
x-amz-id-2
7aIYD7V3kZiN8w94RKPZ4ewYuulWP0tq/C/pwzGCo35lt7HVTaSVERxBhWFo8gYpSbbDBq9X0C9KHP7EttK22A==
x-amzn-internal-status
304
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Feb 2022 12:02:57 GMT
server
ATS
etag
"7e002e241fddeeb8dd76383206c47a3d-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
accept-ranges
bytes
/
www.facebook.com/tr/ 		0
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc%2FAOW97Q&rl=&if=false&ts=1665451298625&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=28&fbp=fb.1.1665451298624.279871521&it=1665451298611&coo=false&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 11 Oct 2022 01:21:38 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1206555860&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FAOW97Q&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2095818864&gjid=1386381267&cid=545251540.1665451299&tid=UA-102456694-1&_gid=219203906.1665451299&_r=1&_slc=1&z=1430391016
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1206555860&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FAOW97Q&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MjE3LjEzOC4yNTIuMTY4&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=545251540.1665451299&tid=UA-102456694-1&_gid=219203906.1665451299&z=167798775
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Oct 2022 09:02:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
58766
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 696E 		7 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_US&agentVersion=205&adTrackingEnabled=true&adUnitCode=64d289b9-de9a-443b-a2c0-d45680807e46&apiKey=M2G62KV2NBNXKBPVHWQN&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Freurl.cc%2FAOW97Q&caps=16&cb=jsonpCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
106.10.248.144 Singapore, Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),
Reverse DNS
media-router-flurry71.prod.media.vip.sg3.yahoo.com
Software
ATS /
Resource Hash
bc49bc82a8b23f5de839debe3857f37e029aec862ae557c31d7a956fb4f7209f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
b
geo.yahoo.com/ Frame 696E 		43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:ec:c38::2001 Taoyuan City, Taiwan, ASN24506 (YAHOO-TP2 YAHOO! TAIWAN HOLDINGS LIMITED, TAIWAN BRANCH, TW),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=31536000
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
0
content-length
43
17229.json
img.scupio.com/js/config/ 		461 B
870 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/17229.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-121.nrt12.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
9f1319fe5f6d77d330e39f831211bcdef383ee3197592a6ccef114656034bb2f

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
via
1.1 21865cc96ade4cf70608c0d061134132.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-C2
age
44
x-cache
Hit from cloudfront
content-length
461
last-modified
Mon, 10 Oct 2022 02:20:41 GMT
server
nginx/1.12.1
etag
"63438179-1cd"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
x-amz-cf-id
mRPte61ui9b6-6TMpBqNIB9vPyjYvLSC7oRlN3MQ5wripv9MTR8m9A==
expires
Tue, 11 Oct 2022 04:20:54 GMT
adreqlog.aspx
bw.scupio.com/adpinline/ 		0
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17229&cb=0.06358848212928048
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 11 Oct 2022 01:21:38 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json
Access-Control-Allow-Origin
https://reurl.cc
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
0
ad.html
img.scupio.com/html/ Frame A085 		83 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ad.html?v=1.0.65
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-121.nrt12.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
1225
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 11 Oct 2022 01:01:15 GMT
etag
W/"62fdf772-14d93"
expires
Thu, 10 Nov 2022 01:01:13 GMT
last-modified
Thu, 18 Aug 2022 08:25:22 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 b4dadadff1d09a3efb8a9374bdfc2848.cloudfront.net (CloudFront)
x-amz-cf-id
Axswdco97dJ4GS4-oldC6Ec3LFphtczPAog2T459rjqpc97FjzGDkQ==
x-amz-cf-pop
NRT12-C2
x-cache
Hit from cloudfront
17253.json
img.scupio.com/js/config/ 		461 B
871 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/17253.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-121.nrt12.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
17ae6bab0c1c2833aec6ab4442d43dc4a027683a0bb965a0a947263b72d503d5

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
via
1.1 21865cc96ade4cf70608c0d061134132.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-C2
age
154
x-cache
Hit from cloudfront
content-length
461
last-modified
Mon, 10 Oct 2022 02:20:41 GMT
server
nginx/1.12.1
etag
"63438179-1cd"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
x-amz-cf-id
V9-JwAcN8oBKF4jkJRZumw4vEzn0uJTdh57xYnyz65aYSqWBzomUTA==
expires
Tue, 11 Oct 2022 04:19:04 GMT
adreqlog.aspx
bw.scupio.com/adpinline/ 		0
711 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=17253&cb=0.7443358703462151
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 11 Oct 2022 01:21:38 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/json
Access-Control-Allow-Origin
https://reurl.cc
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
0
ad.html
img.scupio.com/html/ Frame 4D9A 		83 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ad.html?v=1.0.65
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-121.nrt12.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
1225
cache-control
max-age=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 11 Oct 2022 01:01:15 GMT
etag
W/"62fdf772-14d93"
expires
Thu, 10 Nov 2022 01:01:13 GMT
last-modified
Thu, 18 Aug 2022 08:25:22 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 b4dadadff1d09a3efb8a9374bdfc2848.cloudfront.net (CloudFront)
x-amz-cf-id
zyH96rj5jti754PwqlgUioDzpMiM4aad3cn3lrZa0kHcb8S2sgp5AQ==
x-amz-cf-pop
NRT12-C2
x-cache
Hit from cloudfront
collect
stats.g.doubleclick.net/j/ 		7 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-102456694-1&cid=545251540.1665451299&jid=2095818864&gjid=1386381267&_gid=219203906.1665451299&_u=IEBAAEAAAAAAACAAI~&z=1376418808
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4008:c05::9d Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 11 Oct 2022 01:21:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
Dg-zvGCDr50.css
static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,ja_JP/ Frame 2712 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yG/l/0,ja_JP/Dg-zvGCDr50.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a2386bed610456b6b0ea580ab4d6aa38ab95ea017bcfc4419021c4078da14f32
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
HVMKNEsxiDrjPQN5D/KkPQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4997
x-fb-rlafr
0
x-fb-debug
xgiWiWUloHlTXyeQ8Bw2WXAQyPyH8WPbK2DDcikfXgFXNY1jrRXlDc7yEYzwtIC2LGPLxToutbpUaYROsc+hfQ==
x-fb-trip-id
382461245
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Tue, 10 Oct 2023 15:09:26 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame A085 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 16:20:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 16:20:53 GMT
prebid.js
img.scupio.com/js/ Frame A085 		236 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-121.nrt12.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:16:56 GMT
content-encoding
gzip
via
1.1 b4dadadff1d09a3efb8a9374bdfc2848.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 05:54:43 GMT
server
nginx/1.12.1
x-amz-cf-pop
NRT12-C2
age
289
etag
W/"62ba97a3-3b047"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
x-amz-cf-id
QfNJ5LEdVZDETXjs8LBIX_yqruO6mr51d8O9RoztXoKBmBkUDmoVyQ==
expires
Thu, 10 Nov 2022 01:16:49 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 4D9A 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 16:20:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Oct 2023 16:20:53 GMT
prebid.js
img.scupio.com/js/ Frame 4D9A 		236 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-121.nrt12.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:16:56 GMT
content-encoding
gzip
via
1.1 b4dadadff1d09a3efb8a9374bdfc2848.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 05:54:43 GMT
server
nginx/1.12.1
x-amz-cf-pop
NRT12-C2
age
289
etag
W/"62ba97a3-3b047"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
x-amz-cf-id
QtB9iXO_Ae6z7c1RxKSgrgN3BcTBxeFLAv2iBMaZh-PmpAjjxJf0GA==
expires
Thu, 10 Nov 2022 01:16:49 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame A2E1 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
content-length
4730
content-type
text/html
date
Tue, 11 Oct 2022 01:21:39 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
x-amz-cf-id
Xhs8xOUNzR5_Y5NRrUnPi43FMor_jD6Q5whSKm3bQMr2IsAshmVUhA==
x-amz-cf-pop
NRT57-P2
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
RefreshHit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ 		662 B
1011 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:39 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
PKlV3wTNU8vlcOWl1PE4VtoBOKS31dW2Xe841jfH1k4KfnYCHXLlUw==
presetfn.js
cdn.holmesmind.com/js/ Frame B12A 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date
Tue, 11 Oct 2022 01:20:50 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
49
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9530
x-amz-cf-id
hqP8ftWmnXef7WPlOV-TNTAWqSVCglx3_HrPjm9kjovQqX__xnaabg==
presetfn.js
cdn.holmesmind.com/js/ Frame 34DF 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date
Tue, 11 Oct 2022 01:20:50 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
49
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9530
x-amz-cf-id
0cvRAAP-8A5qD-c4alLge8x6_9dhfMHZAnRahSSwMhDTu6LO2zToFw==
presetfn.js
cdn.holmesmind.com/js/ Frame FB9A 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date
Tue, 11 Oct 2022 01:20:50 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
49
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9530
x-amz-cf-id
L1CJ2pNKA6LKQ43NNr7tlz2co_SlbzafMEfv-yE8bfp3pcj88zDJBw==
Preset.js
adcdn.holmesmind.com/adserver/ Frame B12A 		756 B
677 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13847
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ee:3200:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ce1e17725c0565bbdb0d7342bd669fea135d89a610c5f1c9ae7d0eed5e118267

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:18:39 GMT
content-encoding
gzip
via
1.1 ea1feda491a1bd37c644ffacae1e5f44.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
NRT20-C4
age
179
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-id
-P8-j6c-M09_ZxgsrmM-hpvdkNGZg67pPO5V1xINsag_kRgGsP49gg==
Preset.js
adcdn.holmesmind.com/adserver/ Frame 34DF 		575 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13856
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ee:3200:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:15:25 GMT
content-encoding
gzip
via
1.1 ea1feda491a1bd37c644ffacae1e5f44.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
NRT20-C4
age
373
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
1OK35YZKF5wrfhG6yavdTSvYy5wcd-cOl08SagzhArsOswVsvDTXOw==
Preset.js
adcdn.holmesmind.com/adserver/ Frame FB9A 		760 B
682 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13848
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ee:3200:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8f85e51a2f3c094fe6816857f185ca3f81647b4a74c6b06dd0df82e1d7455771

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:14:49 GMT
content-encoding
gzip
via
1.1 ea1feda491a1bd37c644ffacae1e5f44.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
NRT20-C4
age
409
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-id
RI1YXWPTInRh0ZwzhmH0gFvK5v2LIPkqHSWk_h1XG4LlY7YyTEEVAQ==
/
t.ssp.hinet.net/ 		37 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
b975dd67ba6c1a449a5a92e610e1ade2d7cf676ad6f2a14ab73ced78e7b1c7dd
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
cm.php
fcm.holmesmind.com/ Frame F28B 		39 B
100 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Tue, 11 Oct 2022 01:21:41 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame A2E1 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 11 Oct 2022 01:31:38 GMT
cm
c.holmesmind.com/ Frame A2E1
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

location
https://c.holmesmind.com/cm?tc=getIn&
date
Tue, 11 Oct 2022 01:21:38 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
310943210_8856231611060969_5978344368277999896_n-750x375.jpg
www.rayskyinvest.com/wp-content/uploads/2022/10/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rayskyinvest.com/wp-content/uploads/2022/10/310943210_8856231611060969_5978344368277999896_n-750x375.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.146.32.226 Tokyo, Japan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.32.146.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
28bf6e7954890b7ed004577b39a8209cc45c5952f3ba836589f3c96032a6b413

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Tue, 11 Oct 2022 01:21:39 GMT
expires
Tue, 10 Oct 2023 22:43:41 GMT
last-modified
Mon, 10 Oct 2022 14:40:35 GMT
server
nginx
etag
"63442ee3-4da6"
content-type
image/webp
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
19878
x-cdn-c
static
x-sg-cdn
1
gigabyte.jpg
mma.prnasia.com/media2/1913649/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mma.prnasia.com/media2/1913649/gigabyte.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:fc04 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
226827503d95c1bcb88164f7ad979b96d4c956b42e9557f199e447027f1c0931

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
cf-cache-status
HIT
age
40521
x-powered-by
ASP.NET
server-timing
intid;desc=8625b7f024d8aed7
content-length
61673
cf-bgj
h2pri
last-modified
Mon, 10 Oct 2022 14:06:17 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=1
accept-ranges
bytes
cf-ray
7583c7b9eb19ded5-NRT
access-control-allow-headers
Content-Type
expires
Mon, 10 Oct 2022 14:06:18 GMT
1665391762-6f0bb1cd5be4dd4cf6484a071da29d6b.jpg
img.gbyhn.com.tw/2022/10/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gbyhn.com.tw/2022/10/1665391762-6f0bb1cd5be4dd4cf6484a071da29d6b.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:6009 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ece6a12ba89a5b975507bb9faa01f34749181efc2eb4949236d280d1866d73d

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
57630
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34303
last-modified
Mon, 10 Oct 2022 08:49:22 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D7%2Ffjo9TO2tiVIJOLMbFxdqtgPs5v3SETkDthUAarIW%2Bkl2301Fb%2BCW%2BU0n0oANcrVGA2zV6K628%2BhdOtaNu5pnXG66ZwW3gFwYCNuCEuxJEMlXgetndCBC6J%2BW9Vo86PSz1N1AjECj%2FYYSTWd2B"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7583c7b9fca7afed-NRT
expires
Mon, 17 Oct 2022 08:50:55 GMT
img_9445-scaled.jpg
i0.wp.com/golike.tw/wp-content/uploads/2022/09/ 		359 KB
360 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/golike.tw/wp-content/uploads/2022/09/img_9445-scaled.jpg?fit=2560%2C1920&ssl=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i1.wp.com
Software
nginx /
Resource Hash
ebc9d9a64fe0dcc52fe330bb52ea9701a4cf717dbd18b4e6f4e736fe5e45f872
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-nc
HIT nrt 4
date
Tue, 11 Oct 2022 01:21:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 10 Oct 2022 10:41:08 GMT
server
nginx
etag
"28a3b4849eca3656"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://golike.tw/wp-content/uploads/2022/09/img_9445-scaled.jpg>; rel="canonical"
content-length
367546
expires
Wed, 09 Oct 2024 22:41:08 GMT
%E5%9B%9B%E5%A4%A7%E9%A3%9F%E7%89%A9%E5%A4%96%E9%80%81%E5%B9%B3%E5%8F%B0%E6%8E%A8%E8%96%A6%E7%8F%BE%E9%87%91%E5%9B%9E%E9%A5%8B%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2020/05/ 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditcards.com.tw/wp-content/uploads/2020/05/%E5%9B%9B%E5%A4%A7%E9%A3%9F%E7%89%A9%E5%A4%96%E9%80%81%E5%B9%B3%E5%8F%B0%E6%8E%A8%E8%96%A6%E7%8F%BE%E9%87%91%E5%9B%9E%E9%A5%8B%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.135 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
3c1db9f3ea4dc10e3fae7955e420e07aaea433796fd1b77406d1b0bb87e5c339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=31536000
x-ac
3.nrt _atomic_bur BYPASS
last-modified
Mon, 22 Jun 2020 07:19:43 GMT
server
nginx
etag
"5ef05b8f-2607f"
content-type
image/jpeg
accept-ranges
bytes
content-length
155775
2022100613491756.jpg
img.racingcharger.tw/wp-content/uploads/ 		89 KB
90 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.racingcharger.tw/wp-content/uploads/2022100613491756.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:b27d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bda7ca8f41eff8fa6f22aff11abcd70f643dac745d9119969c3ef377ec111536

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
cf-cache-status
HIT
last-modified
Thu, 06 Oct 2022 13:49:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
15165
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXEAQbyY5dr6X9zILYI8HXd6WEdcW03%2B0mcK2yfInHZUIKaAeVSW9DwNSdFGDFkIkhsxVhiMoe8XRCYi2FdJ%2BmFeuk5OXGpAm3UoJ9Xnd7WinEGOg%2BDzhgYHaB8AzjZ9YWwQVt05Ev02sOtm0UjZXDNBSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=28800
accept-ranges
bytes
cf-ray
7583c7b9e9e4f58b-NRT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
91296
file.png
static.wixstatic.com/media/08c74d_05ea24ea32144233811b46175b7da865~mv2.jpg/v1/fit/w_1000,h_720,al_c,q_80/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/08c74d_05ea24ea32144233811b46175b7da865~mv2.jpg/v1/fit/w_1000,h_720,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.176.152 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
152.176.102.34.bc.googleusercontent.com
Software
openresty/1.21.4.1 /
Resource Hash
787907c7ea70ae6e6914f5c248a4cbdace5e917dae70484a1beae760a3c7bfc0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 11:56:52 GMT
via
1.1 google
server
openresty/1.21.4.1
age
480286
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1182715
wix-tracer
2FiNb4bVCgAytOwbePdqGHzOP74
x-seen-by
image-manipulator-5cdc794f79-bfns7
%E4%BF%A1%E7%94%A8%E8%B2%B8%E6%AC%BE%E5%8F%AF%E4%BB%A5%E6%8F%90%E6%97%A9%E9%82%84%E6%AC%BE%E5%97%8E%EF%BC%9F%E6%8F%90%E6%97%A9%E9%82%84%E6%AC%BE%E7%AB%9F%E7%84%B6%E8%A6%81%E4%BB%98%E9%81%95%E7%B4%8...
blog.alphaloan.co/wp-content/uploads/2022/10/ 		133 KB
133 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.alphaloan.co/wp-content/uploads/2022/10/%E4%BF%A1%E7%94%A8%E8%B2%B8%E6%AC%BE%E5%8F%AF%E4%BB%A5%E6%8F%90%E6%97%A9%E9%82%84%E6%AC%BE%E5%97%8E%EF%BC%9F%E6%8F%90%E6%97%A9%E9%82%84%E6%AC%BE%E7%AB%9F%E7%84%B6%E8%A6%81%E4%BB%98%E9%81%95%E7%B4%84%E9%87%91%EF%BC%9F%E5%85%8D%E4%BB%98%E9%81%95%E7%B4%84%E9%87%91%E6%8F%90%E6%97%A9%E9%82%84%E6%AC%BE%E6%96%B9%E5%BC%8F%E5%A4%A7%E5%85%AC%E9%96%8B%EF%BC%81.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.236 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b3105908d85e5136b409669ee0615fcd3b289a8cef67dc3e2fd77fe7481775e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=31536000
x-ac
3.nrt _atomic_bur BYPASS
last-modified
Mon, 03 Oct 2022 04:45:24 GMT
server
nginx
etag
"633a68e4-213ff"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
136191
expires
Tue, 18 Oct 2022 01:21:38 GMT
emome2
t.ssp.hinet.net/ 		30 B
271 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=a82a450e-9668-48fc-ace4-bae99097fbf1
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
currency.json
img.scupio.com/js/config/ Frame A085 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-121.nrt12.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
04420b40ef3d07955915436413d2de124914d131c87d140f4671a2cd00b63dc0

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 11 Oct 2022 01:19:25 GMT
via
1.1 b4dadadff1d09a3efb8a9374bdfc2848.cloudfront.net (CloudFront)
last-modified
Mon, 10 Oct 2022 19:15:04 GMT
server
nginx/1.12.1
x-amz-cf-pop
NRT12-C2
age
135
etag
"63446f38-6a"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=10800
accept-ranges
bytes
content-length
106
x-amz-cf-id
FS_ZqrM9B3zpg7dtMSxlO2ARjf1PXIrwGquZ5cBJa6MtPtGZRHbpHQ==
expires
Tue, 11 Oct 2022 04:19:23 GMT
currency.json
img.scupio.com/js/config/ Frame 4D9A 		106 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-121.nrt12.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
04420b40ef3d07955915436413d2de124914d131c87d140f4671a2cd00b63dc0

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 11 Oct 2022 01:19:25 GMT
via
1.1 b4dadadff1d09a3efb8a9374bdfc2848.cloudfront.net (CloudFront)
last-modified
Mon, 10 Oct 2022 19:15:04 GMT
server
nginx/1.12.1
x-amz-cf-pop
NRT12-C2
age
135
etag
"63446f38-6a"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=10800
accept-ranges
bytes
content-length
106
x-amz-cf-id
74CF9BDrp7GaGPbYvRqzEOBH-Ptt3HPKZi6ojYrwv0AsKX8moSXV1A==
expires
Tue, 11 Oct 2022 04:19:23 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-102456694-1&cid=545251540.1665451299&jid=2095818864&_u=IEBAAEAAAAAAACAAI~&z=597398598
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-102456694-1&cid=545251540.1665451299&jid=2095818864&_u=IEBAAEAAAAAAACAAI~&z=597398598
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81c::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cdb
bidder.criteo.com/ Frame A085 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=31917202411
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame A085 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Tue, 11 Oct 2022 01:21:39 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.json
ad.holmesmind.com/adserver/ Frame A085 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1665451298862&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.250.169.244 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-250-169-244.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Tue, 11 Oct 2022 01:21:39 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
header
hb.aralego.com/ Frame A085 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-6272B749823AD3B6FE98336EBDD2A34A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=aaf2ac1b-a438-43d1-8b3b-c10f85edcee4&u=https%3A%2F%2Freurl.cc%2FAOW97Q&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=c8d00dcc-c7ff-4141-aea7-422e179cbc2c&w=300&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://img.scupio.com
Date
Tue, 11 Oct 2022 01:21:38 GMT
Access-Control-Allow-Credentials
true
Connection
close
prebid.aspx
prebid.scupio.com/recweb/ Frame A085 		0
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8773246573356304
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 11 Oct 2022 01:21:39 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 4D9A 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Tue, 11 Oct 2022 01:21:39 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 4D9A 		0
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.5790074712834494
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 11 Oct 2022 01:21:39 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
cdb
bidder.criteo.com/ Frame 4D9A 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.21.0-pre&cb=63503294509
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
header
hb.aralego.com/ Frame 4D9A 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-9A2A7263E9EB6DA9F4EB86E487B8648A&tdid=&schain=1.0%2C1!scupio.com%2C4808%2C1%2C%2C%2C&eids=&pubcid=aaf2ac1b-a438-43d1-8b3b-c10f85edcee4&u=https%3A%2F%2Freurl.cc%2FAOW97Q&host=reurl.cc&xr=0&ao=https%3A%2F%2Freurl.cc&ucfUid=abf32408-110d-486f-9e83-2c07ffe9ad6a&w=970&h=250
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://img.scupio.com
Date
Tue, 11 Oct 2022 01:21:38 GMT
Access-Control-Allow-Credentials
true
Connection
close
prebid.json
ad.holmesmind.com/adserver/ Frame 4D9A 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1665451298870&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.250.169.244 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-250-169-244.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Tue, 11 Oct 2022 01:21:39 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
/
t.ssp.hinet.net/ Frame A2E1 		36 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
11ee67d5aef45b6fdd566ea2ca67eddbb4cd8752aa40d1875816f0147d3db035
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
ads.js
ad.holmesmind.com/adserver/ Frame 34DF 		2 KB
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FAOW97Q&n=592&o=1&d=1&b=2&ts=1&ii=3&FPCK=2517-mXQmLn3Qryv1k5NeEOjaL5FWxmhv0Gsw&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.250.169.244 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-250-169-244.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b49d2eb7d1b30782d7f7fa067a209344fc9f6f40372fcbd9142a747ec1fd5fc9

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 11 Oct 2022 01:21:39 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 34DF 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:24 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
16
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
sVRbJVyNH3UCDt3KlRGE6WtjTMMFkdgQ-jUlUfQZpNvPu_I_syvgbA==
appierV2.js
cdn.holmesmind.com/js/ Frame 34DF 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:24 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
16
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
wppaE4S6EcbhWNJCI7kl2tp93-qWjgtQ4Jkjrhiz9tM6cRt7yK24uA==
ads.js
ad.holmesmind.com/adserver/ Frame FB9A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13848&rf=https%3A%2F%2Freurl.cc%2FAOW97Q&n=865&o=1&d=1&b=2&ts=1&ii=3&FPCK=2517-mXQmLn3Qryv1k5NeEOjaL5FWxmhv0Gsw&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.250.169.244 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-250-169-244.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
61904ab5b4c05d3b66f86f5851f5fbb7eb81a81fe6e17b51bb8667fcce64b2ae

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 11 Oct 2022 01:21:39 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame FB9A 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:24 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
16
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
iwoG4AJ65a1xru2JjMJ4wB5Ne02z-2AIAlhDlv5S-LjcIB6DuzcZHA==
publishertag.js
static.criteo.net/js/ld/ Frame FB9A 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
119e37f6f9552a67b6f761070add78e7f93db654027478a7c51e9e34f955b841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-1e358"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 12 Oct 2022 01:21:39 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame FB9A 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:24 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
16
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
vmMgaJLoHQ20Af0Yvod_inaJ0xORgHMzNV3j641_PQczhgt0f6_kbA==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame FB9A 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:40 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
1ajLIhVBXA7iraPlxsxC95vyAY0yuI8CKdZn7sTtT4_FFDOyvVk50g==
appierV2.js
cdn.holmesmind.com/js/ Frame FB9A 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:24 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
16
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
BKOFcqedNw9Dvy6NPDGaDseXqsCuPxrwAgAX0Nv6KX4D4Raocn_ZNA==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame FB9A 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c4827d1fc4641b3a4284ac6f288f97e764fdafdcc4e5d47189962e498725dd4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
i4br6TtmSa1mPteFdL4tcHc2SIkN9sAq
date
Tue, 11 Oct 2022 01:21:40 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 08:33:40 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
etag
"22b9348d13fb651f087d8913bb7c1782"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5764
x-amz-cf-id
P8cjNKB9SmOIj8o39QSiwsARObE4u4vKqhov9IdT5GcCNEsZVxPkAQ==
ads.js
ad.holmesmind.com/adserver/ Frame B12A 		0
214 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13847&rf=https%3A%2F%2Freurl.cc%2FAOW97Q&n=405&o=1&d=1&b=2&ts=1&ii=3&FPCK=2517-mXQmLn3Qryv1k5NeEOjaL5FWxmhv0Gsw&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.250.169.244 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-250-169-244.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 11 Oct 2022 01:21:39 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame B12A 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:24 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
16
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
dGjaUa6kEoixrOJjXKb5RFTBJkb6JN371d5BLxe6qb8Qhk0lkF2vTg==
publishertag.js
static.criteo.net/js/ld/ Frame B12A 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
119e37f6f9552a67b6f761070add78e7f93db654027478a7c51e9e34f955b841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-1e358"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 12 Oct 2022 01:21:39 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame B12A 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:24 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
16
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
htdzUKRpxhdSsNiDr9aWGL3uKgV6RdU9jSSK17d5Il7o7OdH0nHlwg==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame B12A 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:40 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
YN8frM1Hh9VPG_g8FavhTzzaL1hR7XTsKuwNTL08Vqt_nksqD32lLw==
appierV2.js
cdn.holmesmind.com/js/ Frame B12A 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:24 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
16
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
bd0NKQkimZbWzEwygBobhr1dhtdCvAYVKnIbm4EeRrSxgC1fjiIKFQ==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame B12A 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c4827d1fc4641b3a4284ac6f288f97e764fdafdcc4e5d47189962e498725dd4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
i4br6TtmSa1mPteFdL4tcHc2SIkN9sAq
date
Tue, 11 Oct 2022 01:21:40 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 08:33:40 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
etag
"22b9348d13fb651f087d8913bb7c1782"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5764
x-amz-cf-id
GzwE9BpCjimzrHx1xLp3w3iZ6rgcb1mBduQf5hn5nmd1dQ9FQuihCw==
emome2
t.ssp.hinet.net/ Frame A2E1 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=a82a450e-9668-48fc-ace4-bae99097fbf1
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
M2G62KV2NBNXKBPVHWQN_VFdfU2l0ZXRhZ19yZXVybF83Mjh4OTBfcGNfMjAxOTA2MTg=_1560829586131
s.yimg.com/ys/ Frame 696E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ys/M2G62KV2NBNXKBPVHWQN_VFdfU2l0ZXRhZ19yZXVybF83Mjh4OTBfcGNfMjAxOTA2MTg=_1560829586131?cb=ygscb
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:a4:9fe:: , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
8015ce43c26e3e1e4854a7c2bc17a66aa1daad9425701373176ae4a7ae93a806
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 11:17:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000
x-amz-request-id
C0GD3RJ159VKRZYD
age
1346630
x-amz-server-side-encryption
AES256
content-length
831
x-amz-id-2
324sckvKVRuA+58OuJ9rsWzKIUkxG+q6X0aX/elsxf/Kj1S34kYeKZztsy34S7YMKuhzDs7Zyks=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 18 Jun 2019 03:46:27 GMT
server
ATS
etag
"71bcbde4506c0d80a1c7b96307b1c563-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding,Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, stale-while-revalidate=30, max-age=2592000
accept-ranges
bytes
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 34DF 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 11 Oct 2022 01:21:39 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame FB9A 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 11 Oct 2022 01:21:39 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame FB9A
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=61mfCMVhCySvTzFCI8VEYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=61mfCMVhCySvTzFCI8VEYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 11 Oct 2022 01:21:39 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=61mfCMVhCySvTzFCI8VEYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame FB9A
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 11 Oct 2022 01:21:39 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame B12A 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 11 Oct 2022 01:21:39 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame B12A
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=6vzw24YYCCWGQJw3I8VEYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=6vzw24YYCCWGQJw3I8VEYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 11 Oct 2022 01:21:39 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=6vzw24YYCCWGQJw3I8VEYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
722630439a353962f28047c04d996794.jpeg
s.yimg.com/lo/api/res/1.2/8oVIomb4u3vRmdoKgaDg5A--~A/Zmk9Zml0O3c9MTMzO2g9MTA1O3E9OTA7YXBwaWQ9YTAwMTs-/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/ Frame 696E 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/lo/api/res/1.2/8oVIomb4u3vRmdoKgaDg5A--~A/Zmk9Zml0O3c9MTMzO2g9MTA1O3E9OTA7YXBwaWQ9YTAwMTs-/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/722630439a353962f28047c04d996794.jpeg
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:a4:9fe:: , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
528dd1abab95a4de5c90dbcb08d548bfb26e981c65608e19db72b94173bc2aab
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 03 Oct 2022 08:10:30 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
age
666672
cld_latency
296
edge-cache-tag
181809654741136735770628969879014154312,261858166583457356490051765949444583397,ae7a14591aaf8d474cdb3f92111c923e
cache-tag
181809654741136735770628969879014154312,261858166583457356490051765949444583397,ae7a14591aaf8d474cdb3f92111c923e
status
200 OK
x-cache
MISS
cld_cache
MISS
cld_id
fa80ff2f3ffa58bd40bde757e3b3b97e
cld_hits
0
content-length
3682
x-xss-protection
1; mode=block
x-request-id
fa80ff2f3ffa58bd40bde757e3b3b97e
x-served-by
cache-lga21980-LGA
cld_by
cache-lga21980-LGA
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 30 Sep 2022 15:43:11 GMT
server
ATS
x-timer
S1664784630.771295,VS0,VE296
etag
"3b8c256b9b11b68499afcccc6a4ab035"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0
kiarrow.jpg
ad.sitemaji.com/static/ Frame 696E 		211 B
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.sitemaji.com/static/kiarrow.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
d2e31a1e3b6873caa1a5d66dba90568ab55b9362d642c2a36847066633d62ff4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 17:58:47 GMT
via
1.1 google
last-modified
Thu, 20 Jun 2019 08:48:16 GMT
server
nginx/1.12.1 (Ubuntu)
age
26572
etag
"5d0b4850-d3"
content-type
image/jpeg
cache-control
max-age=86400,public
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
211
expires
Tue, 11 Oct 2022 17:58:47 GMT
gemini.png
s.yimg.com/cv/apiv2/adbuilder/ Frame 696E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/cv/apiv2/adbuilder/gemini.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2000:a4:9fe:: , Taiwan, ASN10230 (YAHOO-SG internet content provider, SG),
Reverse DNS
Software
ATS /
Resource Hash
e4d7ad9f57f6cfab7610b8b0855c7937f5ec119be17ac6cf6377553c5e735f98
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 15:44:56 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
x-amz-request-id
ZB4X4MQMSWRQBD2H
age
466604
x-amz-server-side-encryption
AES256
content-length
3328
x-amz-id-2
t0WGm1ru6MxcqItu5xpvWxOkW0UCTT/2w4ICZtFi8GG5So2QTBNWha8nX1LBTQ5kcOkelMHLeyw=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 02 Mar 2019 01:45:46 GMT
server
ATS
etag
"99f89d94ebcff9a04ef4c4174c7bc13a"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
truncated
/ Frame 696E 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
cdb
bidder.criteo.com/ Frame FB9A 		177 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=131&profileId=184&cb=62864220478
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
5dd410709bae1932e5792fa6293a66651913a23e33e3cd893eec2c8444bb9bb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
164
cdb
bidder.criteo.com/ Frame B12A 		177 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=131&profileId=184&cb=90093899644
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
c657929c08e535f72cc118885295afac872e1a4b96a5d16783b694e78b004c58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
160
cdb
bidder.criteo.com/ Frame B12A 		177 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=131&profileId=184&cb=62472200176
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
fad8cc7d4d78c6dcc53540839b24f5fddfe5f8b393a5a8d9656312dcab3a4b8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
164
events
bidder.criteo.com/csm/ Frame FB9A 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
prebid.aspx
prebid.scupio.com/recweb/ Frame B12A 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.008630125199922345
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 11 Oct 2022 01:21:39 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
prebid.aspx
prebid.scupio.com/recweb/ Frame B12A 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.5202245828503202
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 11 Oct 2022 01:21:39 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
prebid.aspx
prebid.scupio.com/recweb/ Frame FB9A 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.3674147663756453
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 11 Oct 2022 01:21:39 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
drawV2.js
cdn.holmesmind.com/js/ Frame FB9A 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13848&rf=https%3A%2F%2Freurl.cc%2FAOW97Q&n=865&o=1&d=1&b=2&ts=1&ii=3&FPCK=2517-mXQmLn3Qryv1k5NeEOjaL5FWxmhv0Gsw&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:24 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
16
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
6EcgrfN2vlv3gPb9Ojqerg6XdFFE8GcFe7dXmPB-ZEaUnqVcwA9CmA==
drawV2.js
cdn.holmesmind.com/js/ Frame 34DF 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13856&rf=https%3A%2F%2Freurl.cc%2FAOW97Q&n=592&o=1&d=1&b=2&ts=1&ii=3&FPCK=2517-mXQmLn3Qryv1k5NeEOjaL5FWxmhv0Gsw&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:24 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
16
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
noGGYL9nf73ven4MXJ7AEyfMu-cNQP2A-yCwt7rUyk1Ib5yFcUeezg==
bid
ad2.apx.appier.net/v1/prebid/ Frame B12A
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 11 Oct 2022 01:21:39 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame FB9A
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 11 Oct 2022 01:21:39 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
events
bidder.criteo.com/csm/ Frame B12A 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
events
bidder.criteo.com/csm/ Frame B12A 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
cm
t.ssp.hinet.net/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=a546ca&cid=%%%20Partner%20Cookie%20Here%20%%&mp=a82a450e-9668-48fc-ace4-bae99097fbf1
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
a82a450e-9668-48fc-ace4-bae99097fbf1.t.ssp.hinet.net/ 		0
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a82a450e-9668-48fc-ace4-bae99097fbf1.t.ssp.hinet.net/pixel?bd=a82a450e-9668-48fc-ace4-bae99097fbf1&t=a546ca&referrer=%25%25%20referrer%20%25%25
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
landing.php
fp.holmesmind.com/ Frame 3E42 		0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1364-WW3teI1m40crB4REkJYwessMlf1hnrnM&CFFPCKUUID=2517-mXQmLn3Qryv1k5NeEOjaL5FWxmhv0Gsw&url=https%3A%2F%2Freurl.cc%2FAOW97Q&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 11 Oct 2022 01:21:39 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 34DF 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 11 Oct 2022 01:31:39 GMT
landing.php
fp.holmesmind.com/ Frame 3B39 		0
249 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1364-WW3teI1m40crB4REkJYwessMlf1hnrnM&CFFPCKUUID=2517-mXQmLn3Qryv1k5NeEOjaL5FWxmhv0Gsw&url=https%3A%2F%2Freurl.cc%2FAOW97Q&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 11 Oct 2022 01:21:39 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame FB9A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 11 Oct 2022 01:31:39 GMT
landing.php
fp.holmesmind.com/ Frame 80F3 		0
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1364-WW3teI1m40crB4REkJYwessMlf1hnrnM&CFFPCKUUID=2517-mXQmLn3Qryv1k5NeEOjaL5FWxmhv0Gsw&url=https%3A%2F%2Freurl.cc%2FAOW97Q&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 11 Oct 2022 01:21:39 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame B12A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 11 Oct 2022 01:31:39 GMT
/
t.ssp.hinet.net/ Frame 34DF 		36 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
11ee67d5aef45b6fdd566ea2ca67eddbb4cd8752aa40d1875816f0147d3db035
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
adsbyscupio.js
img.scupio.com/js/ Frame FDC9 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-121.nrt12.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:20:55 GMT
content-encoding
gzip
via
1.1 b4dadadff1d09a3efb8a9374bdfc2848.cloudfront.net (CloudFront)
last-modified
Mon, 19 Apr 2021 03:30:31 GMT
server
nginx/1.12.1
x-amz-cf-pop
NRT12-C2
age
46
etag
W/"607cf957-11ab"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=10800
x-amz-cf-id
p9SqzJ2uPjJ8QmYSbSfnBhHaqSICNGp_UAThF05ZIUVBmBedeCk0uw==
expires
Tue, 11 Oct 2022 04:20:53 GMT
bidinfo.aspx
bw.scupio.com/adpinline/ Frame A085 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.4019672145951909
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
0e075cbf58f68f31f75c786def4a4dd64029c6a18961d174cd8d418bdca30244

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 11 Oct 2022 01:21:39 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Content-Type
application/javascript; charset=utf-8
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1607
truncated
/ Frame A085 		762 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
300x250.png
img.scupio.com/img/2011_gym/ Frame FDC9 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/img/2011_gym/300x250.png
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-121.nrt12.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
7684143ee568b9ce13d69133030aa4077efd37eb289bac09d70ba9364f2ae93e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 00:42:46 GMT
via
1.1 b4dadadff1d09a3efb8a9374bdfc2848.cloudfront.net (CloudFront)
last-modified
Mon, 19 Apr 2021 03:31:40 GMT
server
nginx/1.12.1
x-amz-cf-pop
NRT12-C2
age
2430
etag
"607cf99c-bcf6"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
48374
x-amz-cf-id
pg0af6TxGUzr3V9GBlm4m8CABHpd4XN_dwVajDKq0FJ01qTtSUzJSA==
expires
Wed, 11 Oct 2023 00:41:09 GMT
adsbyscupio.js
img.scupio.com/js/ Frame 0DE8 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/adsbyscupio.js?v=1.0.2
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-121.nrt12.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:20:55 GMT
content-encoding
gzip
via
1.1 b4dadadff1d09a3efb8a9374bdfc2848.cloudfront.net (CloudFront)
last-modified
Mon, 19 Apr 2021 03:30:31 GMT
server
nginx/1.12.1
x-amz-cf-pop
NRT12-C2
age
46
etag
W/"607cf957-11ab"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=10800
x-amz-cf-id
a4Ld-MV2BJF7IhzTICw5XedatTdGbUJwDzuyMxsqMMf0P-LohSzVow==
expires
Tue, 11 Oct 2022 04:20:53 GMT
bidinfo.aspx
bw.scupio.com/adpinline/ Frame 4D9A 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.5022972545729438
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
4dd1bc8c3bbfae7db006e320e7520f8fb9d0adfa2e44d60ee27ab8fa60b9bb4f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Tue, 11 Oct 2022 01:21:38 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Content-Type
application/javascript; charset=utf-8
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Length
1477
truncated
/ Frame 4D9A 		762 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
970x250.jpg
img.scupio.com/img/padding/ Frame 0DE8 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.scupio.com/img/padding/970x250.jpg
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-121.nrt12.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
1219005b1ac715570be263a42b98d63280456e8fc7fcdfdf704536cfe5f9e9b2

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.65
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 00:49:22 GMT
via
1.1 b4dadadff1d09a3efb8a9374bdfc2848.cloudfront.net (CloudFront)
last-modified
Mon, 19 Apr 2021 03:31:40 GMT
server
nginx/1.12.1
x-amz-cf-pop
NRT12-C2
age
3164
etag
"607cf99c-b9b9"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
47545
x-amz-cf-id
pXYQqdULpGZBP7SVf5HYOeBbLr12cVtnIQfM9NcShMEldn909xsWwQ==
expires
Wed, 11 Oct 2023 00:28:55 GMT
ls.html
img.scupio.com/html/ Frame 8B6D 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-121.nrt12.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
3061
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 11 Oct 2022 00:30:56 GMT
etag
W/"583295c9-4dc"
expires
Tue, 18 Oct 2022 00:30:38 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 b4dadadff1d09a3efb8a9374bdfc2848.cloudfront.net (CloudFront)
x-amz-cf-id
xN37IWDaHGlP1ZhGFZvO_iO64UA7myJwicAzocyOeiUAHTWVN3xKmg==
x-amz-cf-pop
NRT12-C2
x-cache
Hit from cloudfront
ggid.aspx
rec.scupio.com/recweb/ Frame 8114
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q0xBMjAyMjEwMTEwOTIxMzkxMzQxOTY%3d&layout=js
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q0xBMjAyMjEwMTEwOTIxMzkxMzQxOTY%3D&layout=js&google_tc=
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEFF1A6WN7fCUtp0qSg3Y78E&google_cver=1&google_ula=3918219,0
0
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEFF1A6WN7fCUtp0qSg3Y78E&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Server
210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 01:21:39 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Length
0

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEFF1A6WN7fCUtp0qSg3Y78E&google_cver=1&google_ula=3918219,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 1CF9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 11 Oct 2022 01:21:39 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 11 Oct 2022 01:21:39 GMT
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server
AkamaiGHost
/
www.facebook.com/tr/ Frame 8114 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&if=true&ts=1665451299555&cd[SBST]=17&cd[PuID]=reurl
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 11 Oct 2022 01:21:39 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
/
sync.aralego.com/idSync/ Frame 8114 		35 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CLA20221011092139134196
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 01:21:39 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
ls.html
img.scupio.com/html/ Frame AC68 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-121.nrt12.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.65
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
3061
cache-control
max-age=604800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 11 Oct 2022 00:30:56 GMT
etag
W/"583295c9-4dc"
expires
Tue, 18 Oct 2022 00:30:38 GMT
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
server
nginx/1.12.1
vary
Origin
via
1.1 b4dadadff1d09a3efb8a9374bdfc2848.cloudfront.net (CloudFront)
x-amz-cf-id
QVKxw4S_CS6zIjJat05wV3GZZ16llQ0B0r65eCddjACiUNogc7kNlw==
x-amz-cf-pop
NRT12-C2
x-cache
Hit from cloudfront
ggid.aspx
rec.scupio.com/recweb/ Frame 237D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q05BMjAyMjEwMTEwOTIxMzk2NjIyMw%3d%3d&layout=js
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q05BMjAyMjEwMTEwOTIxMzk2NjIyMw%3D%3D&layout=js&google_tc=
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMPXHmyBjFS7xvsczy9764s&google_cver=1&google_ula=3918219,0
0
550 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMPXHmyBjFS7xvsczy9764s&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Server
210.59.219.175 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 01:21:39 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/javascript
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Length
0

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMPXHmyBjFS7xvsczy9764s&google_cver=1&google_ula=3918219,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 7BC0
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 11 Oct 2022 01:21:39 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 11 Oct 2022 01:21:39 GMT
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
server
AkamaiGHost
/
www.facebook.com/tr/ Frame 237D 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=588795092476391&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&rl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.65&if=true&ts=1665451299579&cd[SBST]=17&cd[PuID]=reurl&ud[external_id]=7934f3e6ebd44716ce3c89605e92c30991bafb27703a77140724aae4c1b0833f
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 11 Oct 2022 01:21:39 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
priority
u=3,i
/
sync.aralego.com/idSync/ Frame 237D 		35 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CNA2022101109213966223
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.65
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 01:21:39 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame 1CF9 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
52ec1913f5c3f1153e6b9ad097abb493e1c8ee9af3102d665140e167c4f9e905

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 01:21:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36457
Connection
keep-alive
Content-Length
9424
Expires
Tue, 11 Oct 2022 11:29:16 GMT
usync.js
eus.rubiconproject.com/ Frame 7BC0 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.10.15.201 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-15-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
52ec1913f5c3f1153e6b9ad097abb493e1c8ee9af3102d665140e167c4f9e905

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 01:21:39 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36457
Connection
keep-alive
Content-Length
9424
Expires
Tue, 11 Oct 2022 11:29:16 GMT
khaos.jpg
token.rubiconproject.com/ Frame 1CF9 		284 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame 7BC0 		284 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
init.js
cdn.holmesmind.com/js/ Frame 5C3E 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Tue, 11 Oct 2022 01:20:49 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
50
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
pmeMR96kVFphihsaqiLpT_X50AMG2rZrhdCmv9KQ8J7FfBQ_sUGUaQ==
init.js
cdn.holmesmind.com/js/ Frame 7E7E 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
UdwMmUAM2dmZqopCO7YOeMhqjXQRxqvB
date
Tue, 11 Oct 2022 01:20:49 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Fri, 04 Mar 2022 10:10:49 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
50
etag
"439e160b698f1ec2efb45c3b6cd6b265"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
6552
x-amz-cf-id
0-39jLmb1VSCNxp-TU4RH0LRgIxwQIRrN6FbLMNcS5ozI3avHlUWmw==
capmapping.htm
cdn.holmesmind.com/js/ Frame FB3A 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
1
content-length
4730
content-type
text/html
date
Tue, 11 Oct 2022 01:21:39 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
x-amz-cf-id
gxfPIdvtNU2ptQvgxvLoiRZn2F25fAQK2UhlFEuq3ZLKcXKABSPGaw==
x-amz-cf-pop
NRT57-P2
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 5C3E 		662 B
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:39 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
1
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
Pm_RPiCtZdWC-P3MI9MrQN2rhBrLJ4iUv6bUR0-PDLnpMuflVjXRYQ==
presetfn.js
cdn.holmesmind.com/js/ Frame 3896 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date
Tue, 11 Oct 2022 01:20:50 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
50
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9530
x-amz-cf-id
6r4jLE6rRSVrRCqDuD4qwN1iO6oht6Qdc2a0iD9TdSG-mLb38NnZZg==
capmapping.htm
cdn.holmesmind.com/js/ Frame A5FA 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
1
content-length
4730
content-type
text/html
date
Tue, 11 Oct 2022 01:21:39 GMT
etag
"c36f5eb091d6195fe8b68f3b263f999b"
last-modified
Mon, 22 Aug 2022 03:00:17 GMT
server
AmazonS3
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
x-amz-cf-id
q3CuaF6Bzfyd3c5fuWGklZA7DoPrbYaJZkm0_yZisDTF4Nc-w5hv3Q==
x-amz-cf-pop
NRT57-P2
x-amz-version-id
9jVaRQ2pP3sbT47ouwg8zArcPp2ddVmt
x-cache
Hit from cloudfront
edmp_init.js
cdn.holmesmind.com/js/ Frame 7E7E 		662 B
1003 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/edmp_init.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:39 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Fri, 12 Mar 2021 02:45:40 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
1
etag
"f58f8a90686f8ffb3325107e8a788b71"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
662
x-amz-cf-id
54ciRMSRJ5JSNE4haACgpfCsuT3GF8AjUAVVbfCAqFRKTDkHmuj2pQ==
presetfn.js
cdn.holmesmind.com/js/ Frame 697B 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
QFAcVwN57aO_RWKPah9bVgfaw1eby0J0
date
Tue, 11 Oct 2022 01:20:50 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Mon, 22 Aug 2022 03:00:16 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
50
etag
"ddf163a3d8381378b3e35e39339ad7ab"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9530
x-amz-cf-id
i2u8BMJ2Bcj7nyP22E6qKfsJiuPwfosvcAXW3ee_73fqAsu1LfgWLw==
cm.php
fcm.holmesmind.com/ Frame BEBA 		95 B
333 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
86
content-type
text/html; charset=UTF-8
date
Tue, 11 Oct 2022 01:21:39 GMT
server
Apache/2.4.29 (Ubuntu)
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame FB3A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 11 Oct 2022 01:31:39 GMT
cm
c.holmesmind.com/ Frame FB3A 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame FB3A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=623678-AmEB5UCFn4MMaEvDbFN6TIEZ61o0PnCZ&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=623678-AmEB5UCFn4MMaEvDbFN6TIEZ61o0PnCZ&uu_m=undefined&google_gid=CAESEFOJICvX6Qc5QucSF5Pbofg&google_cver=1
0
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=623678-AmEB5UCFn4MMaEvDbFN6TIEZ61o0PnCZ&uu_m=undefined&google_gid=CAESEFOJICvX6Qc5QucSF5Pbofg&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
x-guploader-uploadid
ADPycduq0sCQDrjPzEanpl2QsYp2fx1z7BOhJ1Uqj5AMMDMlFEdr5fDSSvYAsO4GEpuSp8mKIAeVRmTxLrd3o-_xVHFyfw
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Tue, 11 Oct 2022 02:21:40 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=623678-AmEB5UCFn4MMaEvDbFN6TIEZ61o0PnCZ&uu_m=undefined&google_gid=CAESEFOJICvX6Qc5QucSF5Pbofg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
t.ssp.hinet.net/ Frame 34DF 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=1364-WW3teI1m40crB4REkJYwessMlf1hnrnM&mp=a82a450e-9668-48fc-ace4-bae99097fbf1
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
a82a450e-9668-48fc-ace4-bae99097fbf1.t.ssp.hinet.net/ Frame 34DF 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a82a450e-9668-48fc-ace4-bae99097fbf1.t.ssp.hinet.net/pixel?bd=a82a450e-9668-48fc-ace4-bae99097fbf1&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
pixel
a82a450e-9668-48fc-ace4-bae99097fbf1.t.ssp.hinet.net/ Frame FB9A 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a82a450e-9668-48fc-ace4-bae99097fbf1.t.ssp.hinet.net/pixel?bd=a82a450e-9668-48fc-ace4-bae99097fbf1&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cm
t.ssp.hinet.net/ Frame FB9A 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=1364-WW3teI1m40crB4REkJYwessMlf1hnrnM&mp=a82a450e-9668-48fc-ace4-bae99097fbf1
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
cm
c.holmesmind.com/ Frame A5FA 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
cm.php
fcm.holmesmind.com/ Frame 2BB2 		0
0
utag.js
t.ssp.hinet.net/ Frame A5FA 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 11 Oct 2022 01:31:39 GMT
google
m.holmesmind.com/ml/ Frame A5FA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=623678-AmEB5UCFn4MMaEvDbFN6TIEZ61o0PnCZ&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=623678-AmEB5UCFn4MMaEvDbFN6TIEZ61o0PnCZ&uu_m=undefined&google_gid=CAESEFOJICvX6Qc5QucSF5Pbofg&google_cver=1
0
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=623678-AmEB5UCFn4MMaEvDbFN6TIEZ61o0PnCZ&uu_m=undefined&google_gid=CAESEFOJICvX6Qc5QucSF5Pbofg&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
x-guploader-uploadid
ADPycdu6xfhXAzazHyVfz_Ywc5Gvw9llbsfzs2b5XvmEgNydb9cB2kql-GoS7wl_uh9sN0vPWgH525IbJv1vhoOn-hZ6sg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Tue, 11 Oct 2022 02:21:40 GMT

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=623678-AmEB5UCFn4MMaEvDbFN6TIEZ61o0PnCZ&uu_m=undefined&google_gid=CAESEFOJICvX6Qc5QucSF5Pbofg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
358
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
adcdn.holmesmind.com/adserver/ Frame 3896 		1 KB
752 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13857
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ee:3200:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:19:43 GMT
content-encoding
gzip
via
1.1 ea1feda491a1bd37c644ffacae1e5f44.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
NRT20-C4
age
116
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
a0e-nFOWdkWJhSYZC9sD4DxLg4YUZp2EVzgThYLgUQztHdslWVVKsw==
pixel
a82a450e-9668-48fc-ace4-bae99097fbf1.t.ssp.hinet.net/ Frame B12A 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a82a450e-9668-48fc-ace4-bae99097fbf1.t.ssp.hinet.net/pixel?bd=a82a450e-9668-48fc-ace4-bae99097fbf1&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cm
t.ssp.hinet.net/ Frame B12A 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=1364-WW3teI1m40crB4REkJYwessMlf1hnrnM&mp=a82a450e-9668-48fc-ace4-bae99097fbf1
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
Preset.js
adcdn.holmesmind.com/adserver/ Frame 697B 		1 KB
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adcdn.holmesmind.com/adserver/Preset.js?z=13849
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ee:3200:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:15:25 GMT
content-encoding
gzip
via
1.1 ea1feda491a1bd37c644ffacae1e5f44.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
NRT20-C4
age
374
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-cf-id
gl61yOdpZQ5j2QF2lB6RG2mXANd4USS1dM2fXk3T63tBwGwmPVsFOQ==
ads.js
ad.holmesmind.com/adserver/ Frame 3896 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FAOW97Q&n=289&o=1&d=1&b=2&ts=1&ii=2&FPCK=2517-mXQmLn3Qryv1k5NeEOjaL5FWxmhv0Gsw&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.250.169.244 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-250-169-244.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e789dfccc41e0358edc814096859e1c1d240bf4777a608b8fce8d225546ded81

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 11 Oct 2022 01:21:39 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 3896 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:24 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
16
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
tYcIs3Tomt1EsON6ijzghYqsn60E0T7Oj3S_SZe5W0uWixEGmoaBqg==
publishertag.js
static.criteo.net/js/ld/ Frame 3896 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
119e37f6f9552a67b6f761070add78e7f93db654027478a7c51e9e34f955b841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-1e358"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 12 Oct 2022 01:21:39 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 3896 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:24 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
16
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
yf98n4eZ_vrIfmXW4B79iaOcbijIwCtZ5IAhtDyJty1F0fBSahd_Aw==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 3896 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:40 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
0
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
kcUae-I87Hq8eHZwScSAM0x7gCyTckxlLIueTY-uA-E_maMM3WXz3A==
appierV2.js
cdn.holmesmind.com/js/ Frame 3896 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:24 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
16
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
0Ejy-VKjv--2IoeMjyQMcry-2boHypx2NtLwX5LCm4sCbIeBZNUF3A==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 3896 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c4827d1fc4641b3a4284ac6f288f97e764fdafdcc4e5d47189962e498725dd4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
i4br6TtmSa1mPteFdL4tcHc2SIkN9sAq
date
Tue, 11 Oct 2022 01:21:40 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 08:33:40 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
0
etag
"22b9348d13fb651f087d8913bb7c1782"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5764
x-amz-cf-id
7yxvTNyqL_-6QYAXNbf4D6X0uoyAGq8trAQr-XxQ6FJRWt1pZMrAcw==
ads.js
ad.holmesmind.com/adserver/ Frame 697B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/ads.js?z=13849&rf=https%3A%2F%2Freurl.cc%2FAOW97Q&n=346&o=1&d=1&b=2&ts=1&ii=2&FPCK=2517-mXQmLn3Qryv1k5NeEOjaL5FWxmhv0Gsw&initver=210830P
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.250.169.244 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-250-169-244.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f7d9e733c57736d0716890a4ed5e01da2355ed21d4635deea15436bb5762e6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 11 Oct 2022 01:21:39 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
rtbhouseV2.js
cdn.holmesmind.com/js/ Frame 697B 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:24 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:10 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
16
etag
"6a605eea47197fa280f27aaf1fa1521d"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2773
x-amz-cf-id
2nrbkX3UN-7GLDnxSEF6SDOu-AsDvsM5UYeLw2D3oGTNTsZLu2uBXw==
publishertag.js
static.criteo.net/js/ld/ Frame 697B 		121 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
119e37f6f9552a67b6f761070add78e7f93db654027478a7c51e9e34f955b841
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-1e358"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 12 Oct 2022 01:21:39 GMT
criteoV2.js
cdn.holmesmind.com/js/ Frame 697B 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/criteoV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:24 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Aug 2020 09:25:12 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
16
etag
"e8f33fcb581483ced4a09b3c8e7550e4"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2443
x-amz-cf-id
9tTVhh5fBizCfgJygq792MSytL05dLhNjea2iOB3fmHuMaDVFyn8LA==
bridgewellV3.js
cdn.holmesmind.com/js/ Frame 697B 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:40 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Tue, 20 Apr 2021 06:25:23 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
0
etag
"c3b948e5a48dd0ec20c265d6d8da7add"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4530
x-amz-cf-id
Jq5UIvW4Uys-3-5eI89RsYftKGrkwOY3UGnaxzqu25oNMwAIwa27Xg==
appierV2.js
cdn.holmesmind.com/js/ Frame 697B 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appierV2.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:24 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Thu, 11 Mar 2021 07:54:26 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
16
etag
"548ed610a8571343fb3022f543174735"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3177
x-amz-cf-id
JwsZToG0NEjlJ51_oXiOK49rkPp3hO6EMoqtro-JDy-r96jVJAYz8A==
appier_mainV3.js
cdn.holmesmind.com/js/ Frame 697B 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c4827d1fc4641b3a4284ac6f288f97e764fdafdcc4e5d47189962e498725dd4

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
i4br6TtmSa1mPteFdL4tcHc2SIkN9sAq
date
Tue, 11 Oct 2022 01:21:40 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Tue, 04 Oct 2022 08:33:40 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
0
etag
"22b9348d13fb651f087d8913bb7c1782"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5764
x-amz-cf-id
L2fTgpqBn_n_hPyPsKirlskB6CB8HHoKWqzpkd5OlgwgHoPtXgHGyw==
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 3896 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 11 Oct 2022 01:21:39 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid.aspx
prebid.scupio.com/recweb/ Frame 3896 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.602900405653999
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 11 Oct 2022 01:21:39 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame 3896
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 11 Oct 2022 01:21:39 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 697B 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 11 Oct 2022 01:21:39 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid
ad2.apx.appier.net/v1/prebid/ Frame 3896
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 11 Oct 2022 01:21:39 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
prebid.aspx
prebid.scupio.com/recweb/ Frame 697B 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7156941198259237
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 11 Oct 2022 01:21:39 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://reurl.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
bid
ad2.apx.appier.net/v1/prebid/ Frame 697B
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 11 Oct 2022 01:21:39 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
bid
ad2.apx.appier.net/v1/prebid/ Frame 697B
Redirect Chain
  • https://ad2.apx.appier.net/v1/prebid/bid
  • https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
  • https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
2 B
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
via
1.1 google
server
nginx/1.19.0
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2

Redirect headers

date
Tue, 11 Oct 2022 01:21:39 GMT
server
nginx
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
null
location
https://ad2.apx.appier.net/v1/prebid/bid?acid=Moon3cCQD4yvFt4pI8VEYw
cache-control
no-store
access-control-allow-credentials
true
content-length
0
cdb
bidder.criteo.com/ Frame 3896 		177 B
425 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=131&profileId=184&cb=10233893337
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
f6acbb5e4427f85f7e3c06e2a18662827afff06e46875100bbc31132453793c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 11 Oct 2022 01:21:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
163
cdb
bidder.criteo.com/ Frame 697B 		177 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=131&profileId=184&cb=48486353937
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
949102928c429436142e2d8a9c089b01787ab2dc75e093c9bbb09859309504cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
165
/
t.ssp.hinet.net/ Frame FB3A 		36 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
11ee67d5aef45b6fdd566ea2ca67eddbb4cd8752aa40d1875816f0147d3db035
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
events
bidder.criteo.com/csm/ Frame 697B 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
drawV2.js
cdn.holmesmind.com/js/ Frame 697B 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13849&rf=https%3A%2F%2Freurl.cc%2FAOW97Q&n=346&o=1&d=1&b=2&ts=1&ii=2&FPCK=2517-mXQmLn3Qryv1k5NeEOjaL5FWxmhv0Gsw&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:24 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
16
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
_IGoEaVLvOEUl6iGSTju4IOy7SIZuonmH4ByXtEEn6eO0zBOvqsAaQ==
events
bidder.criteo.com/csm/ Frame 3896 		0
209 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
chtmp.php
ccm.holmesmind.com/ Frame 7E7E 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D623678-AmEB5UCFn4MMaEvDbFN6TIEZ61o0PnCZ%26SID%3D55974%26Tags%3D2390%2C2352%2C2391%2C2903
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.98.177 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-98-177.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 11 Oct 2022 01:21:40 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
drawV2.js
cdn.holmesmind.com/js/ Frame 3896 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/drawV2.js
Requested by
Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=13857&rf=https%3A%2F%2Freurl.cc%2FAOW97Q&n=289&o=1&d=1&b=2&ts=1&ii=2&FPCK=2517-mXQmLn3Qryv1k5NeEOjaL5FWxmhv0Gsw&initver=210830P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221a:2c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 11 Oct 2022 01:21:24 GMT
via
1.1 3bc9fc5ff5b1c7e58ac789581c13d0e4.cloudfront.net (CloudFront)
last-modified
Fri, 16 Oct 2020 09:58:46 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
16
etag
"84d8b1a745228113e60f5e62f0eff6d3"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10359
x-amz-cf-id
3o7zW4L7s3tLOJn84bq7o4-4-UvCvBj1AismEdqE0OnDd_xPTH9q5g==
chtmp.php
ccm.holmesmind.com/ Frame 5C3E 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D623678-AmEB5UCFn4MMaEvDbFN6TIEZ61o0PnCZ%26SID%3D55974%26Tags%3D2390%2C2352%2C2391%2C2903
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.65.98.177 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-65-98-177.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Tue, 11 Oct 2022 01:21:40 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
emome2
t.ssp.hinet.net/ Frame FB3A 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=a82a450e-9668-48fc-ace4-bae99097fbf1
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
/
t.ssp.hinet.net/ Frame A5FA 		36 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
11ee67d5aef45b6fdd566ea2ca67eddbb4cd8752aa40d1875816f0147d3db035
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
emome2
t.ssp.hinet.net/ Frame A5FA 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=a82a450e-9668-48fc-ace4-bae99097fbf1
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
rubiconid.aspx
bw.scupio.com/adpinline/ Frame 1CF9
Redirect Chain
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell&khaos=L93IPBJ8-Y-5JGE
  • https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L93IPBJ8-Y-5JGE
0
620 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L93IPBJ8-Y-5JGE
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 01:21:39 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/javascript
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L93IPBJ8-Y-5JGE
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
rubiconid.aspx
bw.scupio.com/adpinline/ Frame 7BC0
Redirect Chain
  • https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell&khaos=L93IPBJF-4-4D2L
  • https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L93IPBJF-4-4D2L
0
620 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L93IPBJF-4-4D2L
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 01:21:39 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/javascript
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://bw.scupio.com/adpinline/rubiconid.aspx?uid=L93IPBJF-4-4D2L
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
landing.php
fp.holmesmind.com/ Frame E1FE 		0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1364-WW3teI1m40crB4REkJYwessMlf1hnrnM&CFFPCKUUID=2517-mXQmLn3Qryv1k5NeEOjaL5FWxmhv0Gsw&url=https%3A%2F%2Freurl.cc%2FAOW97Q&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 11 Oct 2022 01:21:40 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 3896 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 11 Oct 2022 01:31:40 GMT
landing.php
fp.holmesmind.com/ Frame E0C1 		0
37 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=1364-WW3teI1m40crB4REkJYwessMlf1hnrnM&CFFPCKUUID=2517-mXQmLn3Qryv1k5NeEOjaL5FWxmhv0Gsw&url=https%3A%2F%2Freurl.cc%2FAOW97Q&maindomain=reurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.219.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
39.219.117.34.bc.googleusercontent.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-headers
x-requested-with,content-type
access-control-allow-methods
*
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 11 Oct 2022 01:21:40 GMT
server
nginx/1.20.0
vary
Accept-Encoding
via
1.1 google
utag.js
t.ssp.hinet.net/ Frame 697B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Mon, 25 Jul 2022 06:51:32 GMT
server
nginx
etag
W/"62de3d74-134a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Tue, 11 Oct 2022 01:31:40 GMT
setuid
px.ads.linkedin.com/ Frame 1CF9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L93IPBJF-4-4D2L
0
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L93IPBJF-4-4D2L
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:39 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 6BB8033B34AC4219BA5696B058BABF29 Ref B: TYAEDGE0705 Ref C: 2022-10-11T01:21:40Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXquBkmLOEANkpsiVhv8A==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L93IPBJF-4-4D2L
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1CF9
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_Mw8WITQSuO1lV6bXQV1aA&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_Mw8WITQSuO1lV6bXQV1aA
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_Mw8WITQSuO1lV6bXQV1aA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
52.95.118.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 01:21:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JWT5BQPWT75Z0286S7W5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=_Mw8WITQSuO1lV6bXQV1aA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5daa34953a867809056448757b76591b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1CF9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAr3brY59QJ92SqK3KInC8E&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAr3brY59QJ92SqK3KInC8E&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
5daa34953a867809056448757b76591b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAr3brY59QJ92SqK3KInC8E&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 1CF9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://match.adsrvr.org/track/cmb/rubicon?
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a0426e15-7af9-494b-b3ae-0fc5f4a46953&gdpr=0&gdpr_consent=&expires=30
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a0426e15-7af9-494b-b3ae-0fc5f4a46953&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:40 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=a0426e15-7af9-494b-b3ae-0fc5f4a46953&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame 1CF9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmFkNzQwZTRiYTcwN2I5YzZlNjAwOTk4ZDM5OWM1M2M0OGEyYTgwMQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmFkNzQwZTRiYTcwN2I5YzZlNjAwOTk4ZDM5OWM1M2M0OGEyYTgwMQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H3
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmFkNzQwZTRiYTcwN2I5YzZlNjAwOTk4ZDM5OWM1M2M0OGEyYTgwMQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1CF9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/zAFkcbfigXWdZh0t9NM5SA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5281871935908473671
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5281871935908473671
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 11 Oct 2022 01:21:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5281871935908473671
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 1CF9
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2MVU0Q4GRPWt0IRN5t7T1A&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2MVU0Q4GRPWt0IRN5t7T1A
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2MVU0Q4GRPWt0IRN5t7T1A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 01:21:41 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
18E9KF37XR2EY25ACY1T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2MVU0Q4GRPWt0IRN5t7T1A
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 1CF9
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDkzSVBCSkYtNC00RDJM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDkzSVBCSkYtNC00RDJM
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H3
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDkzSVBCSkYtNC00RDJM
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
mbcsc
sg3.beap.gemini.yahoo.com/ Frame 696E 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sg3.beap.gemini.yahoo.com/mbcsc?bv=1.0.0&es=o7BJDR8GIS_R3BgJU5tfZAJ99QILsIzFlDudf_5vLhx5oy256bGfstG5rNeN_PthwdyRR8yRIMZS3AG_TybFeMWgG_Fmd_33gxtW_K.wtnEmMf6DyPU9k94cK9795mwCeGvxbs8H1kaSP6JugxFHBs6rG_NfUyICGoBG9j1UZ.QvoKHFxL.BbZMhMgMgnXzk8Iz5mt8QUCDkT8Czr1tXwhB6G_K6glW7vhfFbjIWnvENHbBQk3ogyKiLCIJKEVT8FvtHPbYo6kd0siNIbumERZwc8GdUu5VEhwxJKVtQoNW3oJgeVFrpRcygYkw34DV.Qyd9yfZrW5us642_HTJeEQ.f9x4dcHwSzFF2HFfAefbHWcbc6XTSW734OFMKpbUfpqHsuQq_V5NFXW7jNIgMufebUSvvha70fBTgsg5jiySOVeuISeb7E65Z4MAqM5nKnT5eq57yWiEB0bgTDBk1hGYfLUvJkMoQJ8IqxmImMv_E.AzDDCK1wO95HZEQhlJvL_j.2r8BvQ.ZDgu76tgIyvouUzQN6DHbXVEp2_5bXUel5_KQpC0r0lm5zDLlaKgJ9eYHyG2F6pcJuBeCjvwFiygmFcbhtX.ITbz4wKr7N9YbN5yMyqcwlOXfrBP2tZh1bFBS3hSVhfq2OYaE831A60fOyld3oqfutRsuomZKYvxif7C317CPeDX56pZkEaBPP9zDcspFonzpSuxhS4e3NrBhQeWFM23ovYbvzu3X4Tc4KHYASyUCzDlDhc8onerh.TR5sA._vNuxDkWL1oIkhk4lT1D7ykRxOjKvGBsGpSZl9_Qtdz2m7zf4u9_1K9n_IFhdSjPw3Vk5Xwc.BnLpYAnhZ1kr13atsiHiQc4n7enLbDlUXCQN.Sh8P7LRKOD4di79LBsfQGR0oEtQw3IoIeVOzpNNGw5mLVHgur2uXZPrT8iOspdZ5UhAIDLi_0d3l32YdpvzUnlsP7duCxnK1kuCAu_SBQwSBDfspYPKU0b1iS.6GQ_yEUo3BC28zBoJlBboYNPQLDA_6C3smOqkKMH2A5HPV0Enay6y4lwVnycm3CJ1_uTzn8QIeq1Yfj9TTIcBEkle4TOZz_bl.8FnXGzpgVVuvSGucLr3thXwtZRcHaysiKCweTqjPaPV0.PRODHo3BFDdXkFbaFkTADmgMn1llTDQC6MsgZzWWkA_IXxoiKtqeYYB_47.sHY9ROfiLi.t0CRxNZcsMSoSL8SpZ18KOM2eQF2OfYucZntsvi9FNb0FMKORPGil0a0W.iR4P6f5NO8SWp._rPDzx6D0zSMN3roENawIkkqhZo8wJzz0oJuHi1S4CXJqEQRr8nnWYh_ZQKEXclCVaDR1sXcBZM8VP5bYwLdEJuW1c.omlVbyjt9feywJ.Av3lB0M_yH77I45Km00OeShJFCGmF_rhsAVcL0XLsRVDso.5McZCYpd1MkYCXtObQNAwa9vxIS161P8SkrJanJl9sOMbhaFhwiv1oWjVNilKHOfGbf3Fyr40Gq4.9p_Ui.d.x2OflsliOZmLBIeuCJBqNERbSAw3RVsLs3sWAPNai8VCSKw3ktsN14cKvtrK95wxDMh84nqjZy2f2ZuGkdnlezYkm1soRKndn7Db1NAAan6O9MElPcVZy0Kof1sh_Z9L4fuWz_6OL0wUu9MU_rm9xeCrroHk0j2wlU9PFmN0M2GzKXxvnvcFWfF2V_DES4jlRGXyVpqxyq_JyXutjbaPBFKuHBKCQUf7B8jgslCsxxCDp5_CqXJVJuQYsVhkS6gZiQ_WXKYnLl7Daxg4gdvrGSIvxEbOm86MhDs8SG6jSatuAjcZjJ.kfDgmFJmicOTc9DVgXeuHXHiAGj7h0LFy9nUD289IC65UhN5jn2DBD1entOmTT5Fb0ErGh8R9hMVD0cG.koEfq0iUeVML9UYcfxVzoqhSgj5RlbM5sAsblhNpptlPBu00PLanc8UVg1jpe5x5B0XjJ3ynjwDVsc5LfRV8JYcpH.bcXNwc655vnysMLjaD8PSkRoO5oJInj5yhiMt7H_DN.FBn5TIVo8y0dVwyxzb1ryRnSbMvJghYrsCKkx5J4H2C6GtDURxH7WfB4kaDLfoh9qsQ0HFTwpZzC7ECDWmZQrrAuUF5l3GE5OwYl_utVvmg6pvbYwCqbUHMMHsIcckCAQlI6GJH9gFaWeYX4eyfIgAuhbIJwSUUhEeTFPqdlaYF6wDAR18wvy.tmgBnhev6lCp1Krh3nbpDEiWu1QqNzEktO4409LbG93NyyI7eVE0cZOVjoAmvlHF.wDr5hNGja5.lS5Wb8ITPUoJVtN_.dp_9uG901eRC7X01s.kDMLqW1hX9qlATH0zItJngLlmSNc2LvcWsQuI612lR814ewX7Cr63EylhGgTOYKhxrROoEUFHhE4q08d_ol8RjovXALwMnRJc7kdeYfLG3cKBFNYvhW6q_CeXbtP5cFOrL59KgjfJ1YQNfRCpQCsK0XdIyPwbkCJ4TPYk7HBbt09gsmcSaiRmOrrg2CD0O3v&ap=pp%3Dm%2Cpi%3D0
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
106.10.236.141 Singapore, Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),
Reverse DNS
beap1.cbs.vip.sg3.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only";
x-frame-options
SAMEORIGIN
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
content-length
0
x-xss-protection
1; mode=block
beacon.do
ads.yap.yahoo.com/nonSDK/beacon/v1/ Frame 696E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yap.yahoo.com/nonSDK/beacon/v1/beacon.do?id=_jeegd2OWFFf0GkP2wQityNG6gwiLcvn3uplUicfzBdmmHcAXE3sH92y22tVNBcUNvf9JnuXPzg2QWlEd4U86p0NGRyZWX4hhP-lI-7T8t-wpKiMqYIrhvuHKV-ahbStYAjvw9xFUybpbU2FhIhOjNyaPmJf0cFNMlTO9zCzA4bkjyOGHCcT7VdFxHd7UF8JOehzfr1MzSooiwHsy2R0GN1AZWhlOvCgKO0IlBr5OL2r4N3QIgugcdprxhSlLTSDGS9WGSJpyTPfinYjbMndjjoOktXlXY3occEABfgUmovseNtsnplgibjInin5Ik3j
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
106.10.248.144 Singapore, Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),
Reverse DNS
media-router-flurry71.prod.media.vip.sg3.yahoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
cm
t.ssp.hinet.net/ Frame FB3A 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=623678-AmEB5UCFn4MMaEvDbFN6TIEZ61o0PnCZ&mp=a82a450e-9668-48fc-ace4-bae99097fbf1
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
a82a450e-9668-48fc-ace4-bae99097fbf1.t.ssp.hinet.net/ Frame FB3A 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a82a450e-9668-48fc-ace4-bae99097fbf1.t.ssp.hinet.net/pixel?bd=a82a450e-9668-48fc-ace4-bae99097fbf1&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cm
t.ssp.hinet.net/ Frame A5FA 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=623678-AmEB5UCFn4MMaEvDbFN6TIEZ61o0PnCZ&mp=a82a450e-9668-48fc-ace4-bae99097fbf1
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
a82a450e-9668-48fc-ace4-bae99097fbf1.t.ssp.hinet.net/ Frame A5FA 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a82a450e-9668-48fc-ace4-bae99097fbf1.t.ssp.hinet.net/pixel?bd=a82a450e-9668-48fc-ace4-bae99097fbf1&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/ Frame 8E4F
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5136
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43705
last-modified
Thu, 22 Sep 2022 10:10:22 GMT
server
cloudflare
etag
"632c348e-aab9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2FtJ%2BBPtWKzHTwsuD8neHrQsjyIG8gsoYTMA%2FUV3XOX%2BPKEkA7XMFn7KIKGst7%2F939FbNZLVFCbQ7pljdfJem1CRbjgv4A3IvMhhoJQyBM2eKKiuJGusJYN7SgVQ%2FSIdmy%2FSH%2BjT4nMvu1xCgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7583c7c5ed54afdb-NRT

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/ Frame B094
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5136
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43705
last-modified
Thu, 22 Sep 2022 10:10:22 GMT
server
cloudflare
etag
"632c348e-aab9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrzAUJWR8B4SW1NERZnWnbe5IhEJuuXAYG8BkuLC9XG%2BdS6ClbIP1lSAwj5qFHifapS4%2FqpwMTpcnEEBzsPDBbVdYEnU237YCLMY6mNAgxTFUV7HHKCpJLjVS%2BDMSqFzIEvehD92IZhXs4Nx8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7583c7c5ed57afdb-NRT

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame A085 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 12 Oct 2022 01:21:40 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ Frame 4D9A 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 12 Oct 2022 01:21:40 GMT
syncframe
gum.criteo.com/ Frame EF00 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3c194ef9dbec4dcbd08cd14e2a2ee0f88368e8ca11b6c6600cf47019d16680c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 01:21:40 GMT
server
Kestrel
server-processing-duration-in-ticks
429086
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame A085 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-161a8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 12 Oct 2022 01:21:40 GMT
cm
t.ssp.hinet.net/ Frame 3896 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=1364-WW3teI1m40crB4REkJYwessMlf1hnrnM&mp=a82a450e-9668-48fc-ace4-bae99097fbf1
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
a82a450e-9668-48fc-ace4-bae99097fbf1.t.ssp.hinet.net/ Frame 3896 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a82a450e-9668-48fc-ace4-bae99097fbf1.t.ssp.hinet.net/pixel?bd=a82a450e-9668-48fc-ace4-bae99097fbf1&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
pixel
a82a450e-9668-48fc-ace4-bae99097fbf1.t.ssp.hinet.net/ Frame 697B 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a82a450e-9668-48fc-ace4-bae99097fbf1.t.ssp.hinet.net/pixel?bd=a82a450e-9668-48fc-ace4-bae99097fbf1&t=50ef57&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
cm
t.ssp.hinet.net/ Frame 697B 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=50ef57&cid=1364-WW3teI1m40crB4REkJYwessMlf1hnrnM&mp=a82a450e-9668-48fc-ace4-bae99097fbf1
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, private
access-control-allow-credentials
true
syncframe
gum.criteo.com/ Frame 3DFC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
3c194ef9dbec4dcbd08cd14e2a2ee0f88368e8ca11b6c6600cf47019d16680c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 01:21:39 GMT
server
Kestrel
server-processing-duration-in-ticks
443040
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 4D9A 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-161a8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 12 Oct 2022 01:21:40 GMT
sid
mug.criteo.com/ Frame EF00
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=CajpvXwySkpXM2xLMWlHTHFFZkNmM2xKZ0lLZGE1dkI4U2ZBOU5zc3VBeTVaemRyMnJxZFhyQ3lyNlVYdHJ3c2xBOXB0ek5yL0VkMk5JMXBNMUFocHVKUVBNdThrdm5URnVFUzhmaHZta1ZXZGpYaFFUL2tQVWFyY2NyVD...
431 B
663 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=CajpvXwySkpXM2xLMWlHTHFFZkNmM2xKZ0lLZGE1dkI4U2ZBOU5zc3VBeTVaemRyMnJxZFhyQ3lyNlVYdHJ3c2xBOXB0ek5yL0VkMk5JMXBNMUFocHVKUVBNdThrdm5URnVFUzhmaHZta1ZXZGpYaFFUL2tQVWFyY2NyVDFSeWp2M3RGcGJGNWtRNDdOc0lFZmlYMnJhRkRxVXlrVHh1VHB6LzVCUlY1NEtDSkwwVXA2ZWYrMGNDelZQV3I5ZWx4V1VNRVBMcmRRNGJJY2gzdUVEYVJScWtLYzk3Q3ZGYXYzU2NSK0ZFMjBxVlB3bUVCcGhraFRHbTJrbkhpOElmTUEvdmxVclQwMjdXdXNqYnVGUm1DRkkyaFM1Y0dsWElEelQ1MWJUS2lsbFJscDlqdz18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
848bff46ebf6d2a23dec54d42d188f3e24531a483903ac816faf58ada7f0a97a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:39 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1357684
expires
0

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=CajpvXwySkpXM2xLMWlHTHFFZkNmM2xKZ0lLZGE1dkI4U2ZBOU5zc3VBeTVaemRyMnJxZFhyQ3lyNlVYdHJ3c2xBOXB0ek5yL0VkMk5JMXBNMUFocHVKUVBNdThrdm5URnVFUzhmaHZta1ZXZGpYaFFUL2tQVWFyY2NyVDFSeWp2M3RGcGJGNWtRNDdOc0lFZmlYMnJhRkRxVXlrVHh1VHB6LzVCUlY1NEtDSkwwVXA2ZWYrMGNDelZQV3I5ZWx4V1VNRVBMcmRRNGJJY2gzdUVEYVJScWtLYzk3Q3ZGYXYzU2NSK0ZFMjBxVlB3bUVCcGhraFRHbTJrbkhpOElmTUEvdmxVclQwMjdXdXNqYnVGUm1DRkkyaFM1Y0dsWElEelQ1MWJUS2lsbFJscDlqdz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
371656
content-length
0
expires
0
sid
mug.criteo.com/ Frame 3DFC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Jjh8hnxwNmFKbldJV2FqYWNJWm5vOE9UeDVZMTJnY3piVWU3V1Q1cENvbXFHcTZaYnE4Z0F4Z2hQTWpFUUJmZ2JlVVJ0SDZoSEZ1aHFSNTZOZzJyQ1B6d1Nodnh5czRwU3BPU3Y1bTVIWVAyaWF5dDF1ZUhieXFsQmRLWk...
444 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Jjh8hnxwNmFKbldJV2FqYWNJWm5vOE9UeDVZMTJnY3piVWU3V1Q1cENvbXFHcTZaYnE4Z0F4Z2hQTWpFUUJmZ2JlVVJ0SDZoSEZ1aHFSNTZOZzJyQ1B6d1Nodnh5czRwU3BPU3Y1bTVIWVAyaWF5dDF1ZUhieXFsQmRLWkVFcUt1cjlWaDc3QzJEZTJOYjYwTmtsY1p5RThva1l1Y01SdGJDbkdlMUpMK2M0eDJrM0dlYmRBd0N3VER5YzRNWU1jUEN6N2Y0ajRXak5wblBzUTVSdUFzZmlzZGF4ajNKZ2p4eFAyclNWVDduaUZQVVpLdEcva2JyZ0ZieXJ2VllFbFpPZ0RTL0pCSVFvR28vREdXUGQzQ2xoL1BZZHZRektieXRwazhzVHovR0ljOUdCWT18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
cb39f92e7e593a29bd56ac7314addc94403181f5e26ab5850ad9570e5137b94f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:40 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1375648
expires
0

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:40 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Jjh8hnxwNmFKbldJV2FqYWNJWm5vOE9UeDVZMTJnY3piVWU3V1Q1cENvbXFHcTZaYnE4Z0F4Z2hQTWpFUUJmZ2JlVVJ0SDZoSEZ1aHFSNTZOZzJyQ1B6d1Nodnh5czRwU3BPU3Y1bTVIWVAyaWF5dDF1ZUhieXFsQmRLWkVFcUt1cjlWaDc3QzJEZTJOYjYwTmtsY1p5RThva1l1Y01SdGJDbkdlMUpMK2M0eDJrM0dlYmRBd0N3VER5YzRNWU1jUEN6N2Y0ajRXak5wblBzUTVSdUFzZmlzZGF4ajNKZ2p4eFAyclNWVDduaUZQVVpLdEcva2JyZ0ZieXJ2VllFbFpPZ0RTL0pCSVFvR28vREdXUGQzQ2xoL1BZZHZRektieXRwazhzVHovR0ljOUdCWT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
339173
content-length
0
expires
0
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 8E4F 		975 B
814 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2051
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ejSav4vUcHwuHpOxqOtmCFgRZ6zb6zMLuMyfO745EyOJmLQPMwV9HQrzEpQYcLrtKtAwa6vir5NLrLaCv6kBgxV40juUtyJzeLP2KXKhQqicfS3FJloRmGYwrOMJaVEmA4%2FmHKJtbDsCII%2B0qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7583c7c628ff1d6b-NRT
idRequest
sync.aralego.com/ Frame 8E4F 		46 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
dbb464c5f6c169916d1692acb28b733ade8e825766d64affdb247c3fbcb8ddf6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 01:21:40 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ Frame 8E4F 		555 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2FAOW97Q&adid=ad-BE78DB396979B34E17BE3B66A3E7D76B&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.33557006822053026&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
fdfa393e5fb39c4ab607d817e8d0b5fe3573a4a2e3e8554131fbade8d615bcbf

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 01:21:41 GMT
X-Width
300
X-Height
250
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-SspId
0678ad2c-8ad7-378f-bc04-db0e8ce93b84
X-Adtype
html
Connection
close
Content-Length
555
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame B094 		975 B
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2051
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gjEIUAztRXizeh6qttHodd5bKH8KQ0bNsXX3Dw6aQMS6M4bLixqxqad3Q0ZX2deh2%2F9YfIGtXRyylXttakTtabAv8enqvNtsY1A6gW5fc4tiYxetkJ75F5%2B%2BV3xO%2BYWhFs%2FtacqDgAesDC3pkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7583c7c649321d6b-NRT
idRequest
sync.aralego.com/ Frame B094 		46 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
dbb464c5f6c169916d1692acb28b733ade8e825766d64affdb247c3fbcb8ddf6

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 01:21:40 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ Frame B094 		552 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=reurl.cc&u=https%3A%2F%2Freurl.cc%2FAOW97Q&adid=ad-BE7A8D43E47B3D23C77A9993A9B8A778&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.29844500955490116&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B&ao=https%3A%2F%2Freurl.cc&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20%22Times%20New%20Roman%22
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
99ec1b27528b2883154fd166e11c3fa740d28609937a1a0287d95674ea99c2bc

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 01:21:41 GMT
X-Width
300
X-Height
250
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://reurl.cc
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-SspId
0678ad2c-8ad7-378f-bc04-db0e8ce93b84
X-Adtype
html
Connection
close
Content-Length
552
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 2FC5 		714 B
776 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
age
6298
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7583c7c729a51d6b-NRT
content-encoding
br
content-type
text/html
date
Tue, 11 Oct 2022 01:21:40 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7r9BPz7%2FHI8yTUf1ajCvVT0dnc%2BUWfEnj52%2BSm6YZH60hHOomI4khwmzh2XJjkDEL9j8mT14x%2BYXr2ZejgJLfokVcPV7JR%2BWKxD4IcOmVeiLybW1xc7AfhmfKCG8bHfUko1sUbZY0AFDwmCnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame 8E4F 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 01:21:41 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2FC5 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5410e29b53446481ffb749785230d727bd8f0d2a550ada2917e6e48cbcab750e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27744
x-xss-protection
0
server
sffe
etag
"1360 / 480 of 1000 / last-modified: 1665439483"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 11 Oct 2022 01:21:41 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 1924 		714 B
772 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

access-control-allow-credentials
true
age
6299
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7583c7c759c91d6b-NRT
content-encoding
br
content-type
text/html
date
Tue, 11 Oct 2022 01:21:41 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UY8hv4t%2B49AaNQ612s1WJNF7ERCfM8NohrkVvgtrImNqi3St6BoIUCiNa6IWcUIoZZExo6vaa1eNMZEw9kFiGdDHLKtsYhHq1l9ZikO5bWCEA4PVi8w12IBGuGcofGZ6dYOS%2BKiv6n5OJ8%2FziQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ Frame B094 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 01:21:41 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 1924 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aea51991e427dca23a8d136061b8b138995e5ea83ab9d4f17a59e11b97364ebf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27725
x-xss-protection
0
server
sffe
etag
"1360 / 740 of 1000 / last-modified: 1665439483"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 11 Oct 2022 01:21:41 GMT
pubads_impl_2022100501.js
securepubads.g.doubleclick.net/gpt/ Frame 2FC5 		380 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070223
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87c45fbd9445b4c8eb070c1fda1f5507515857c593fe5fb5041438b063171231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 23:58:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
264217
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131414
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 08:35:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 07 Oct 2023 23:58:04 GMT
pubads_impl_2022100301.js
securepubads.g.doubleclick.net/gpt/ Frame 1924 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070282
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7923a3da2630ae9e964c387bb82a9fb9f0d64aad95dbd62a6ef71ccbad7572a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Mon, 10 Oct 2022 19:39:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20550
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130906
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 08:35:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 10 Oct 2023 19:39:11 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 5DC0 		112 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18744be218cc11d32f1495ad48e668f746832efe121a4b3c9756025fb06bf7db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37862
x-xss-protection
0
server
cafe
etag
10773667453023283456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 01:21:41 GMT
integrator.js
adservice.google.co.jp/adsid/ Frame 2FC5 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2FC5 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 2FC5 		492 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4299558168406045&correlator=3326705932792436&eid=31070223&output=ldjh&gdfp_req=1&vrg=2022100501&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1665451301231&lmt=1644386353&dlt=1665451301002&idt=210&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=efxpffpoqx7h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1209156231.1665451301&ga_sid=1665451301&ga_hid=1327708119&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24758e1fa4ee355b9e3e3af4bd4f2290d8fc2e260745df1a225ce220c2ff64ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
233
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a68e1a3c4927d78132c552ef7f8001c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 20EA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a68e1a3c4927d78132c552ef7f8001c7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 01:21:41 GMT
expires
Wed, 11 Oct 2023 01:21:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame CC8D 		112 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e223126243107bdbcec419458b664dcd9a1af7c69c432115828919adcd30d3eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37866
x-xss-protection
0
server
cafe
etag
5157350239350104475
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 01:21:41 GMT
integrator.js
adservice.google.co.jp/adsid/ Frame 1924 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:822::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 1924 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 1924 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=210208822610715&correlator=3373248566351050&eid=31070282%2C44761478%2C31069353&output=ldjh&gdfp_req=1&vrg=2022100301&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1665451301262&lmt=1644386353&dlt=1665451301037&idt=208&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=15y90khy68sj&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=5&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Freurl.cc%2F&top=https%3A%2F%2Freurl.cc%2F&frm=8&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1266695640.1665451301&ga_sid=1665451301&ga_hid=446631756&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:824::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f88fb5ef8aee1546ec340bb874ee6360f0bb16c2d35f50611a93ac561d40aaa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3e3d73b1116a47605b56ec3a336ccdc0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F596 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3e3d73b1116a47605b56ec3a336ccdc0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=5
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 01:21:41 GMT
expires
Wed, 11 Oct 2023 01:21:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/ Frame 5DC0 		352 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/show_ads_impl_fy2021.js?bust=31070152
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d288da41eb580ce3f4075064fe0b45acbc86af0cd7b83ccf4e83d1095e6365c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127112
x-xss-protection
0
server
cafe
etag
2145910233609389514
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 01:21:41 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 1924 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022100301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
97efd5a94a2d67afa75efa92498d135a5a117caa8efcd3e2b5763e6e3b28c69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11295
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/ Frame CC8D 		352 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/show_ads_impl_fy2021.js?bust=31070152
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bf6e25f34351ebb993bf0294c7bb378eb4a73bcfa2051badfa2bac8eaafac543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127113
x-xss-protection
0
server
cafe
etag
6526598854756095363
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 01:21:41 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2FC5 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022100501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
562b8e0ce7a2bf9d03946e06771ca9506d12bbcfb4e69556c92e17a96f692661
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11203
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 1924 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js?cb=31070282
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 11 Oct 2022 01:21:41 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 5DC0 		383 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/show_ads_impl_fy2021.js?bust=31070152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3a7101545eb3836cdf8a5f8a89a19a950b28a6e5459551f933467d2e46e83d59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
250
x-xss-protection
0
integrator.js
adservice.google.co.jp/adsid/ Frame 5DC0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/show_ads_impl_fy2021.js?bust=31070152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5DC0 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/show_ads_impl_fy2021.js?bust=31070152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7F12 		81 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/show_ads_impl_fy2021.js?bust=31070152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
828d3c51f5dce80f8d9d0c02921a9e8c4dec98eb9a3f3d91edeee0d6d8721bd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
29794
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 01:21:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2FC5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 11 Oct 2022 01:21:41 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame CC8D 		383 B
318 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=reurl.cc&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/show_ads_impl_fy2021.js?bust=31070152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
24d7be1d9cfc097d8da0bec2b9c43e0eacc4a8e1ac987f7b8d06cd1adc7326e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
integrator.js
adservice.google.co.jp/adsid/ Frame CC8D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.jp/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/show_ads_impl_fy2021.js?bust=31070152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame CC8D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=reurl.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/show_ads_impl_fy2021.js?bust=31070152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 227D 		77 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301471&bpp=9&bdt=622&idt=190&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=1&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=662412593&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2437527076&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C31070198%2C42531705%2C44767166%2C31070152&oid=2&pvsid=3749170160334136&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.desj8w3d0izk&fsb=1&dtd=204
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/show_ads_impl_fy2021.js?bust=31070152
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eefa070b842b12414072c20adb55a82e3c980a2a94a0a20afe132fd4288be4c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
28729
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 01:21:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 830D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
8591
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 10 Oct 2022 22:58:30 GMT
expires
Tue, 10 Oct 2023 22:58:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E073 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
38097a16c77a6e721bce733d49b1c4a1275a6b1f7d99592fce34e55589a74e0f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-350S_7fMfe4Fj_-iFUAuNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-350S_7fMfe4Fj_-iFUAuNQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 01:21:41 GMT
expires
Tue, 11 Oct 2022 01:21:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FBA9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
8591
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 10 Oct 2022 22:58:30 GMT
expires
Tue, 10 Oct 2023 22:58:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 31CF 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4f0084f8839351f6c2fae7a8bce65d36791ac1407ddf8cc5be44ede8c7236a66
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-s3oUzQWO6h06ApQyUU-7-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-s3oUzQWO6h06ApQyUU-7-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 01:21:41 GMT
expires
Tue, 11 Oct 2022 01:21:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
pagead2.googlesyndication.com/bg/ Frame FBA9 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3a8782bbe8cd0610acc3f91da27e1d89a86cb7049fd4146a833f0518c112ec3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 21:05:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
533742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15993
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 21:05:59 GMT
w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
pagead2.googlesyndication.com/bg/ Frame 830D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3a8782bbe8cd0610acc3f91da27e1d89a86cb7049fd4146a833f0518c112ec3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 21:05:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
533742
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15993
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 21:05:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E073 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022100301&jk=210208822610715&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 31CF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022100501&jk=4299558168406045&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame FBA9 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?tGgmDg
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 830D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?KGISlA
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:41 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 11 Oct 2022 01:21:42 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
423225
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame A085
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=9TAQ63xKeDZCVHJjOUhGTUFVZ3Y5cHJVSXBBbjhqeFpRcENIb3ZDd21uOU1GcjFHcTZTMVFjdWpRdTg5d1NvM1RwTTNLekRveWJnOTc3NXFrY3ljTHdmaE1UQmxVd3N3NFdJZ0N3QWRtNmdwekc5VnZzYkNJM3VhMjJRcl...
434 B
717 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=9TAQ63xKeDZCVHJjOUhGTUFVZ3Y5cHJVSXBBbjhqeFpRcENIb3ZDd21uOU1GcjFHcTZTMVFjdWpRdTg5d1NvM1RwTTNLekRveWJnOTc3NXFrY3ljTHdmaE1UQmxVd3N3NFdJZ0N3QWRtNmdwekc5VnZzYkNJM3VhMjJRclBRMVJjcExIN29oS0R5eGNoNFdxZUNyZHlnM1hwMXNuNFJkbkZEdUlBdEJuVzlkNzk3WEdhem9IY1hiY2VsdExRcVpqMmo3UWY0Z0lNc29wZ05UYXpxYXNMRGdxalM5NTVmRU9sVnYyNGFQRUsyTUljeVZrN1gxSVhDWWYrMXF5MVY2S0R6T2ZRc09Za3M2eTdJWER4MTNnTlZ0N1AxQWRIaVVzeFpzRVVERXgzMW9QUVZxZz18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f67546729632b52901b2bb08d4d967aaed6e9d43387faa32ad8845f4f2361a5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:41 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1348701
expires
0

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:41 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=9TAQ63xKeDZCVHJjOUhGTUFVZ3Y5cHJVSXBBbjhqeFpRcENIb3ZDd21uOU1GcjFHcTZTMVFjdWpRdTg5d1NvM1RwTTNLekRveWJnOTc3NXFrY3ljTHdmaE1UQmxVd3N3NFdJZ0N3QWRtNmdwekc5VnZzYkNJM3VhMjJRclBRMVJjcExIN29oS0R5eGNoNFdxZUNyZHlnM1hwMXNuNFJkbkZEdUlBdEJuVzlkNzk3WEdhem9IY1hiY2VsdExRcVpqMmo3UWY0Z0lNc29wZ05UYXpxYXNMRGdxalM5NTVmRU9sVnYyNGFQRUsyTUljeVZrN1gxSVhDWWYrMXF5MVY2S0R6T2ZRc09Za3M2eTdJWER4MTNnTlZ0N1AxQWRIaVVzeFpzRVVERXgzMW9QUVZxZz18&cppv=2
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
352531
content-length
0
expires
0
cm
c.holmesmind.com/ Frame A085 		0
13 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:42 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
idSync
sync.aralego.com/ Frame A085 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 01:21:42 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://img.scupio.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 11 Oct 2022 01:21:42 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
323493
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 4D9A
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freurl.cc%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=nXiO8Xw5Q1hZcXJDUGQ0UUExWnJaek9lRmlLb2tVWmgzM1A0Tmc4QVZ2b2VqU0JRWjR4K2ZrZE41a1duOVIzemhXT2xoZkpNZFNnWmwvUHVsUDVreXZ0THRGSVY3MjZvTWNGaitDM3JNcm1lWkRqVkt2ZkpmWkZ4L1FhTj...
429 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=nXiO8Xw5Q1hZcXJDUGQ0UUExWnJaek9lRmlLb2tVWmgzM1A0Tmc4QVZ2b2VqU0JRWjR4K2ZrZE41a1duOVIzemhXT2xoZkpNZFNnWmwvUHVsUDVreXZ0THRGSVY3MjZvTWNGaitDM3JNcm1lWkRqVkt2ZkpmWkZ4L1FhTjV2NlZZV2ZyTUIvSE4wNVJHajNTMkQ3Y2NvL1U0ZHNaNFFmK05qUW1YSFJmcXB2Z1FPZGdlbzZlVklvdHNFQnBwTUZ3dk4xZDNLbTN1ZnZZbkhWd0NqdHk0bHowdmhsS0J1TkVKSnZtQTBxZHIzSUM2Q2pMRnd2RHpjYW1uMU5mYjZOR2ovVGNYTk1xUkxob0dVTDB5Tmttck9UVm9MVUNIYnhRNWNJa1REVDZEbE12cE5ITT18&cppv=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
cf3f11d9c55e5f98739b101a43f846f0df4c3d544f055c36b4608436c7cac1b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:41 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
942272
expires
0

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
location
https://mug.criteo.com/sid?cpp=nXiO8Xw5Q1hZcXJDUGQ0UUExWnJaek9lRmlLb2tVWmgzM1A0Tmc4QVZ2b2VqU0JRWjR4K2ZrZE41a1duOVIzemhXT2xoZkpNZFNnWmwvUHVsUDVreXZ0THRGSVY3MjZvTWNGaitDM3JNcm1lWkRqVkt2ZkpmWkZ4L1FhTjV2NlZZV2ZyTUIvSE4wNVJHajNTMkQ3Y2NvL1U0ZHNaNFFmK05qUW1YSFJmcXB2Z1FPZGdlbzZlVklvdHNFQnBwTUZ3dk4xZDNLbTN1ZnZZbkhWd0NqdHk0bHowdmhsS0J1TkVKSnZtQTBxZHIzSUM2Q2pMRnd2RHpjYW1uMU5mYjZOR2ovVGNYTk1xUkxob0dVTDB5Tmttck9UVm9MVUNIYnhRNWNJa1REVDZEbE12cE5ITT18&cppv=2
access-control-allow-origin
https://img.scupio.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
356160
content-length
0
expires
0
cm
c.holmesmind.com/ Frame 4D9A 		0
13 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:42 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
idSync
sync.aralego.com/ Frame 4D9A 		35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idSync
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 01:21:42 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame 2FC5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022100501&jk=4299558168406045&bg=!bG-lbyvNAAYqRg79CkY7ACkAdvg8Wlhmmb0oPw9Vn5Mkcpbapm44dC49_fXuTwx0OONJ9vtFlNaYkgIAAABlUgAAAAdoAQeZAy0OraO9Brx-9wnKXIOvQKTVMBxrire38j0rT3GfuXNXMJ0vSKREbBRLaBvJMC3tJFQE8VW6dgvy3UnZALMkTpuOtlgFw0BxAk1OKjOj5OylBuZ65L-EJrdRnF8vbvPO8_TGfVDSiMHs4xwX5MNjuij3zAPMRMD9zYoEcWNUDaeVpZaN42YtgOYI4s0g1APILPCMY9j1vHHiaEXD5sVFJquoXqd-PSr6YA10g0C1RAE2T3yTC3Bt2FECC7_X-UVlIIf9YxJXSMDoC5kXAHKbPLQPoHT2yRJkbZocY6LnWXQ8AEjFWHXEUFtJRXLS8BdhRe5EyMXKXIqZoQ-7-N46bhVNQZ7z4xjfsRi_ZVF8dyOV93S6_pXFarL2xzTNFpFHt9DKhD_4FDQiErD3dngdKTxf9y49kKsbKOb8diZiWnYaKYm7OF9OWUIg5hycFushwkRdr_oTV2pttRs-LwUtnFMa00UP8nAVX_vQJw3MNVkJWVa-YGc8UFT_l5i4glPnr4OUYn4BwTGADhILTeLOgIDkMLlCnkmlBubeZw2dmK9yX9GNx0aQs1BdPI-j_HcRDNQjsJUvxKQUQks_WhwpTQ2R7ij93VM32GnNvSrqh3jzOW-SsorLm3RdohrNamDG4qVq02AbC7xOSU-dIl_m9qqaD9jXRNlomMZjw3UqFDZaFJuwk078dtsO4o4ZRJQsalDYPh4BDBl954ElTcXCjuydsRFgKGeC2YeWRzu127grinMIuppn9QmoVteckZLBgV3DUI40G4k5wKm_Ryz4OqdsmXMH2NJHITvJRzMc_d0vQRcKrLjCyw8VZtq0739JsPxxu5Z_7NZVGN0xBWIuAliL6zxRB6F-47jwapw6oTotqMEom44DXZW6HFsrWtzAwf9JUXnCiQwCy0ajWq7axOd0LH1UV77QlkmPfhTBj_-CNe67dPD3PnvvPI-Rq5PhBPuYC4Mr_ZhXxRw9uZ2lUYmf-KKxMrD6l2zO9HQ0RncFa8K_asOJb8-j90-MnfttzMwOTZXc5eubk8EerwjBIbR68dU9y427V4yq20N1UhMOhr5lKvyal9kOQIEJuzk
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=9TAQ63xKeDZCVHJjOUhGTUFVZ3Y5cHJVSXBBbjhqeFpRcENIb3ZDd21uOU1GcjFHcTZTMVFjdWpRdTg5d1NvM1RwTTNLekRveWJnOTc3NXFrY3ljTHdmaE1UQmxVd3N3NFdJZ0N3QWRtNmdwekc5VnZzYkNJM3VhMjJRclBRMVJjcExIN29oS0R5eGNoNFdxZUNyZHlnM1hwMXNuNFJkbkZEdUlBdEJuVzlkNzk3WEdhem9IY1hiY2VsdExRcVpqMmo3UWY0Z0lNc29wZ05UYXpxYXNMRGdxalM5NTVmRU9sVnYyNGFQRUsyTUljeVZrN1gxSVhDWWYrMXF5MVY2S0R6T2ZRc09Za3M2eTdJWER4MTNnTlZ0N1AxQWRIaVVzeFpzRVVERXgzMW9QUVZxZz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 11 Oct 2022 01:21:41 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
262173
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cc2fa6f05f6b7ab36f626f2501931c3a.js
www.gstatic.com/mysidia/ Frame 227D 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/cc2fa6f05f6b7ab36f626f2501931c3a.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301471&bpp=9&bdt=622&idt=190&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=1&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=662412593&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2437527076&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C31070198%2C42531705%2C44767166%2C31070152&oid=2&pvsid=3749170160334136&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.desj8w3d0izk&fsb=1&dtd=204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5b7440eb01b4db530c8b12650e39b4a3bfb1b49b7518c76b08bb6e8b8434a2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 06:42:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
326323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4312
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 06:02:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:42:59 GMT
bca10ddd16af34d21051a380f937ccd2.js
www.gstatic.com/mysidia/ Frame 227D 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301471&bpp=9&bdt=622&idt=190&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=1&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=662412593&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2437527076&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C31070198%2C42531705%2C44767166%2C31070152&oid=2&pvsid=3749170160334136&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.desj8w3d0izk&fsb=1&dtd=204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
781435863bd553fd2673b10b1dda8faad16ba7f9113560d4a9815615b8ddf5cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 06:59:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
325344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7723
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 06:02:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:59:18 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/ Frame 227D 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301471&bpp=9&bdt=622&idt=190&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=1&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=662412593&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2437527076&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C31070198%2C42531705%2C44767166%2C31070152&oid=2&pvsid=3749170160334136&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.desj8w3d0izk&fsb=1&dtd=204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:07:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
843
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Oct 2022 01:07:39 GMT
1c8b28b3f1e45bd861fb75f2fad01d8e.js
www.gstatic.com/mysidia/ Frame 227D 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1c8b28b3f1e45bd861fb75f2fad01d8e.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301471&bpp=9&bdt=622&idt=190&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=1&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=662412593&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2437527076&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C31070198%2C42531705%2C44767166%2C31070152&oid=2&pvsid=3749170160334136&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.desj8w3d0izk&fsb=1&dtd=204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87cdc9a4af3ce62dc6e491a4a393307f40a3c90bbac8ada4baafff7390775b8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 16:20:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
464470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2262
x-xss-protection
0
last-modified
Tue, 04 Oct 2022 19:51:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 03 Jan 2023 16:20:32 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/ Frame 227D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301471&bpp=9&bdt=622&idt=190&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=1&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=662412593&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2437527076&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C31070198%2C42531705%2C44767166%2C31070152&oid=2&pvsid=3749170160334136&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.desj8w3d0izk&fsb=1&dtd=204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
880b54918b4a62ebf033b5063c0398a2e3173533c69e87aa7ea9ad8af6b9ed72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:05:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
959
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9572
x-xss-protection
0
server
cafe
etag
13714838864795470651
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Oct 2022 01:05:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/ Frame 227D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301471&bpp=9&bdt=622&idt=190&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=1&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=662412593&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2437527076&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C31070198%2C42531705%2C44767166%2C31070152&oid=2&pvsid=3749170160334136&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.desj8w3d0izk&fsb=1&dtd=204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
735
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Oct 2022 01:09:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/ Frame 227D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301471&bpp=9&bdt=622&idt=190&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=1&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=662412593&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2437527076&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C31070198%2C42531705%2C44767166%2C31070152&oid=2&pvsid=3749170160334136&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.desj8w3d0izk&fsb=1&dtd=204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3481fbb99448440c24cc5c6d452b6c2e3450f471d69cc31269ffe9a05964fa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
411
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7570
x-xss-protection
0
server
cafe
etag
9181008806812530437
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Oct 2022 01:14:51 GMT
l
www.google.com/ads/measurement/ Frame 227D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRaS_LZwimkr_lb5u493KoM0aBDFbLoyueaHssD8yeSj8dFmy57uzM0vVjXPts0NHMPeTyWgmfqer0c9Vuc15uyedoYPQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301471&bpp=9&bdt=622&idt=190&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=1&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=662412593&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2437527076&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C31070198%2C42531705%2C44767166%2C31070152&oid=2&pvsid=3749170160334136&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.desj8w3d0izk&fsb=1&dtd=204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 227D 		151 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301471&bpp=9&bdt=622&idt=190&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=1&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=662412593&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2437527076&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C31070198%2C42531705%2C44767166%2C31070152&oid=2&pvsid=3749170160334136&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.desj8w3d0izk&fsb=1&dtd=204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47122
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665402098278948"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 11 Oct 2022 01:21:42 GMT
1d54d8cacad5994e062108e03542c880.js
www.gstatic.com/mysidia/ Frame 227D 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301471&bpp=9&bdt=622&idt=190&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=1&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=662412593&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2437527076&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C31070198%2C42531705%2C44767166%2C31070152&oid=2&pvsid=3749170160334136&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.desj8w3d0izk&fsb=1&dtd=204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 06:25:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
327349
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13786
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 06:02:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:25:53 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1924 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022100301&jk=210208822610715&bg=!ISKlImbNAAYqRg79CkY7ACkAdvg8WnetrQepdSQ9Y-TiiJSiK_qD9kbrf-hX_pX4dNKtlQocBobweAIAAABWUgAAAAdoAQeZA1Saxk3WJIE2huDu-0rs4F_v4DcoiI39n6pU0Bzw6PnnrDwyeNDg9H9n-spguesfUKIn_AWfxk6qbw8ebDA2Fm2NSjREKGlTMQ2APv-f1_qpZYoIRYWdrUbHKXD_0EaGMju7z6oZ4LAqqhw2wk5MtMjsrggvqad0kajjQNkMgEzGeQ5YQFdThjF9bHkn6_8QWK1bXb8GseAIAzo8T1UNYg9oor7JqGacFodDm680vceuWLfzhJnp7_ybVHn8oWH1TdgPp45KHeM8a_iqhNvyl8NFG8UoR7N6n_LgKtda-a7MbQ0Ya6v19P5VXOxra7pMpnlc4l7m32_ic4lizsIBgYBKciIvzlRX6uBjCGzZzlRD2ZahCldtNxxmLUcLdGFiDENZB9gK7DMLylFVwIvuG7CPqvGi98-h82VcMgUlTNLHb07izS5ugkoyyTWVB5KHnx_XL6Mm72bjHmcbHp2nrbdN4ACnQWmmGhl2FNr7kh7uaEfmpW0hXsY5cPL38DWFZm1fiK_UR_rZL6fOklBDhrVkI2bRqrhw_NaChTCfuevxSHQRGxzP1m30pPgxlowyUi9xphi4jgbSgr62Yq28pA2eh1BrJZc2poI-vG-A6KO8qTqja_avtvw8Zi3U9HdQTUD2UNhhDiB_Wrki4QkDbJ14l6veljm1pa6sefUAkpsz26OobdTM7G9sN18Jz3lW76lxrjmIPOayISS4m7Y0j-ctGa-HDU2AFd2AEzcw2MVh-3N1d-CDWJbdZnyfX8PqhwP0xnu9Sn6v8PoUVyS46ZzCVeBQU4UGxp6L6Byv2k5EOfSNvhUHDuduBmnEUuiLDzgp_yxdBOExrtjd3rHouDwkrHBzpiAaaX44SySb_ZEX7cOwDpU5U0gdoG-q61iT3JZlmMo0oxy7JN2HarLVEN15RXAvSwaIKXwTlhS6QceQwQM7lM5HidONz-_ACzYpFmN6t-K0xLkW6ZfzqfEB-K2-n1jgqVGZiR2DlzmRuKC_64dbXyji4AbA6VvZUpvuCEcU5QO4tRb4ViiA1GwNyGrZWIUaEMBPrQZAWLvPU-VhnHUShmchsK4pk7pnp6pA_Mr4jhE1WgAgjmJ7du0wL7C4VKjS0lof3rJXJy1kcGCWnC1kqIE
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=nXiO8Xw5Q1hZcXJDUGQ0UUExWnJaek9lRmlLb2tVWmgzM1A0Tmc4QVZ2b2VqU0JRWjR4K2ZrZE41a1duOVIzemhXT2xoZkpNZFNnWmwvUHVsUDVreXZ0THRGSVY3MjZvTWNGaitDM3JNcm1lWkRqVkt2ZkpmWkZ4L1FhTjV2NlZZV2ZyTUIvSE4wNVJHajNTMkQ3Y2NvL1U0ZHNaNFFmK05qUW1YSFJmcXB2Z1FPZGdlbzZlVklvdHNFQnBwTUZ3dk4xZDNLbTN1ZnZZbkhWd0NqdHk0bHowdmhsS0J1TkVKSnZtQTBxZHIzSUM2Q2pMRnd2RHpjYW1uMU5mYjZOR2ovVGNYTk1xUkxob0dVTDB5Tmttck9UVm9MVUNIYnhRNWNJa1REVDZEbE12cE5ITT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 11 Oct 2022 01:21:41 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
239870
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cc2fa6f05f6b7ab36f626f2501931c3a.js
www.gstatic.com/mysidia/ Frame 7F12 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/cc2fa6f05f6b7ab36f626f2501931c3a.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5b7440eb01b4db530c8b12650e39b4a3bfb1b49b7518c76b08bb6e8b8434a2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 06:42:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
326323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4312
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 06:02:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:42:59 GMT
9a8178d18d321307744a4c8ce46adea2.js
www.gstatic.com/mysidia/ Frame 7F12 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/9a8178d18d321307744a4c8ce46adea2.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
311d6e0a623475d73c35b2a61232ef0621db876a120cf7069721cb04f06ad003
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 06:42:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
326323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4293
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 06:02:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:42:59 GMT
bca10ddd16af34d21051a380f937ccd2.js
www.gstatic.com/mysidia/ Frame 7F12 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
781435863bd553fd2673b10b1dda8faad16ba7f9113560d4a9815615b8ddf5cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 06:59:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
325344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7723
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 06:02:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:59:18 GMT
css
fonts.googleapis.com/ Frame 7F12 		1010 B
769 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%A0%E3%82%8A%E9%AB%98%E8%AA%B2%E3%82%A7T%E3%83%8B%E3%82%B9%E3%81%AA%E3%83%84%E3%82%BD%E3%83%8F%E3%80%82%E3%81%AE%E3%83%B3%E3%83%88%E7%99%BA%E3%81%8A%E3%82%92%E3%82%8BI%E3%83%A5%E3%82%AF%E6%B1%BA%E5%8A%9B%E3%81%AB%E3%81%99%E3%82%B3%E5%BA%A6%E3%82%88%E8%A7%A3%E9%96%8B%E3%83%AD%E3%82%B7%E3%81%A8%E3%81%8F%E9%A1%8C%E3%83%9F%E3%83%86%E3%82%A2%E5%AE%A2%E3%82%89%E3%81%BE%E3%83%AA%E3%83%BC%E6%8A%80%E8%A1%93%E3%81%97%E3%82%B8%E3%82%A6%E3%82%B1%E7%B4%84%E6%9D%9F%E3%83%A7%E3%83%95%E3%80%81%E6%A7%98%E3%83%8E
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80c::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3380f2520844f2790b7de5b69c1b40acbfcd56c8ae72e0fba5e2e682387b69bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 11 Oct 2022 01:21:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 01:21:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Oct 2022 01:21:42 GMT
css
fonts.googleapis.com/ Frame 7F12 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80c::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 11 Oct 2022 01:21:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 11 Oct 2022 00:54:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 11 Oct 2022 01:21:42 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/ Frame 7F12 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:07:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
843
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Oct 2022 01:07:39 GMT
1c8b28b3f1e45bd861fb75f2fad01d8e.js
www.gstatic.com/mysidia/ Frame 7F12 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1c8b28b3f1e45bd861fb75f2fad01d8e.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87cdc9a4af3ce62dc6e491a4a393307f40a3c90bbac8ada4baafff7390775b8c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 16:20:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
464470
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2262
x-xss-protection
0
last-modified
Tue, 04 Oct 2022 19:51:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 03 Jan 2023 16:20:32 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/ Frame 7F12 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
880b54918b4a62ebf033b5063c0398a2e3173533c69e87aa7ea9ad8af6b9ed72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:05:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
959
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9572
x-xss-protection
0
server
cafe
etag
13714838864795470651
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Oct 2022 01:05:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/ Frame 7F12 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:09:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
735
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Oct 2022 01:09:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/ Frame 7F12 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221005/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3481fbb99448440c24cc5c6d452b6c2e3450f471d69cc31269ffe9a05964fa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:14:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
411
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7570
x-xss-protection
0
server
cafe
etag
9181008806812530437
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 25 Oct 2022 01:14:51 GMT
l
www.google.com/ads/measurement/ Frame 7F12 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRt6TEpqXrlf8DPqTR6nZqx9MFrXokjcwt-WdLTuOQhSE1-dTw3waor4515h4wD2cuk9Wbj7HeoeJ7QIN0tZ0eUZFde6w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7F12 		151 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47122
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1665402098278948"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 11 Oct 2022 01:21:42 GMT
1d54d8cacad5994e062108e03542c880.js
www.gstatic.com/mysidia/ Frame 7F12 		33 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 06:25:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
327349
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13786
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 06:02:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 05 Jan 2023 06:25:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 227D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgobCAEqF3NxdWFyZVRocm9uZVdpdGhvdXRCb2R5CgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMQoNECshAAAAAAAAFEAwBAoNEAMhAACgmZnZiEAwBBIaQ1BiRzZzbUIxX29DRmJCRHdnVWRtUVlGOGciF3NjcmVhbS90aHJvbmVfaW1hZ2Vfb2NoKBE=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/14698608799969497571/ Frame 227D 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14698608799969497571/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301471&bpp=9&bdt=622&idt=190&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=1&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=662412593&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2437527076&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C31070198%2C42531705%2C44767166%2C31070152&oid=2&pvsid=3749170160334136&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.desj8w3d0izk&fsb=1&dtd=204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c34932eacf962fc4d03686c475cc0ebaa128f318e56e2e825674f1b0aa467694
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 22:30:23 GMT
x-content-type-options
nosniff
age
183079
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32043
x-xss-protection
0
last-modified
Fri, 07 Oct 2022 09:37:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 08 Oct 2023 22:30:23 GMT
truncated
/ Frame 227D 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a8a44e9e4543644eaa2a59c8f663a292b90083a92d8920cc822126c3d617d7c

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/svg+xml
gen_204
pagead2.googlesyndication.com/pagead/ Frame 227D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgobCAEqF3NxdWFyZVRocm9uZVdpdGhvdXRCb2R5CgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMQoNEAohAAAAAAAALkAwBBIaQ1BiRzZzbUIxX29DRmJCRHdnVWRtUVlGOGciF3NjcmVhbS90aHJvbmVfaW1hZ2Vfb2NoKBE=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 227D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgobCAEqF3NxdWFyZVRocm9uZVdpdGhvdXRCb2R5CgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMQoNEA0hAAAAAAAAAAAwBAoNEB4qBzMwMHgyNTAwBAoNEBkqBzMwMHgyNTAwBBIaQ1BiRzZzbUIxX29DRmJCRHdnVWRtUVlGOGciF3NjcmVhbS90aHJvbmVfaW1hZ2Vfb2NoKBE=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 227D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgobCAEqF3NxdWFyZVRocm9uZVdpdGhvdXRCb2R5CgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMQoNEA4hAAAAAAAAAAAwBBIaQ1BiRzZzbUIxX29DRmJCRHdnVWRtUVlGOGciF3NjcmVhbS90aHJvbmVfaW1hZ2Vfb2NoKBE=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 227D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgobCAEqF3NxdWFyZVRocm9uZVdpdGhvdXRCb2R5CgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMQoNEAQhAAAAAAB0iUAwBBIaQ1BiRzZzbUIxX29DRmJCRHdnVWRtUVlGOGciF3NjcmVhbS90aHJvbmVfaW1hZ2Vfb2NoKBE=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 227D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgobCAEqF3NxdWFyZVRocm9uZVdpdGhvdXRCb2R5CgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMQoNEA8hAAAAAAAAAAAwBBIaQ1BiRzZzbUIxX29DRmJCRHdnVWRtUVlGOGciF3NjcmVhbS90aHJvbmVfaW1hZ2Vfb2NoKBE=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 227D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgobCAEqF3NxdWFyZVRocm9uZVdpdGhvdXRCb2R5CgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMQoNECshAAAAAAAAOkAwBAoNEAUhAABAMzN7iUAwBBIaQ1BiRzZzbUIxX29DRmJCRHdnVWRtUVlGOGciF3NjcmVhbS90aHJvbmVfaW1hZ2Vfb2NoKBE=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AD3C 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301471&bpp=9&bdt=622&idt=190&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=1&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=662412593&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2437527076&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C31070198%2C42531705%2C44767166%2C31070152&oid=2&pvsid=3749170160334136&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.desj8w3d0izk&fsb=1&dtd=204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
48185
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 10 Oct 2022 11:58:37 GMT
etag
48472445140208031
expires
Tue, 11 Oct 2022 11:58:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F12 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEnNxdWFyZS1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRArIQAAAAAAgEFAMAQKDRArIQAAAAAAAEJAMAEKDRADIQAAwMzMUItAMAQSGkNJR2U2c21CMV9vQ0ZZa0JYQW9ka2FVUEZBIhZ0ZXh0L3ZhbmlsbGFfaGlnaGxpZ2h0KAM=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F12 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEnNxdWFyZS1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAKIQAAAEAzMxFAMAQSGkNJR2U2c21CMV9vQ0ZZa0JYQW9ka2FVUEZBIhZ0ZXh0L3ZhbmlsbGFfaGlnaGxpZ2h0KAM=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F12 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEnNxdWFyZS1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRANIQAAAACYmbk_MAQKDRAeKgczMDB4MjUwMAQKDRAZKgczMDB4MjUwMAQSGkNJR2U2c21CMV9vQ0ZZa0JYQW9ka2FVUEZBIhZ0ZXh0L3ZhbmlsbGFfaGlnaGxpZ2h0KAM=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F12 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEnNxdWFyZS1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAOIQAAAACamck_MAQSGkNJR2U2c21CMV9vQ0ZZa0JYQW9ka2FVUEZBIhZ0ZXh0L3ZhbmlsbGFfaGlnaGxpZ2h0KAM=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F12 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEnNxdWFyZS1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAEIQAAwMzMiItAMAQSGkNJR2U2c21CMV9vQ0ZZa0JYQW9ka2FVUEZBIhZ0ZXh0L3ZhbmlsbGFfaGlnaGxpZ2h0KAM=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F12 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEnNxdWFyZS1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAPIQAAAAAAAAAAMAQSGkNJR2U2c21CMV9vQ0ZZa0JYQW9ka2FVUEZBIhZ0ZXh0L3ZhbmlsbGFfaGlnaGxpZ2h0KAM=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F12 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEnNxdWFyZS1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRArIQAAAAAAAEZAMAQKDRAFIQAAYGZmjotAMAQSGkNJR2U2c21CMV9vQ0ZZa0JYQW9ka2FVUEZBIhZ0ZXh0L3ZhbmlsbGFfaGlnaGxpZ2h0KAM=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2166 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
2641
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 00:37:41 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FF56 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

age
48185
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 10 Oct 2022 11:58:37 GMT
etag
48472445140208031
expires
Tue, 11 Oct 2022 11:58:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 227D 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
83d2a73d48827635a1a8c2a65638d0306fcd6ea21ffb3b8af7730260fa44720b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7F12 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
107b25768a77eb0357d38701f9f41e970bc1f308c91e7859cadc304cd070d18b

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame AD3C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEBthAws4h6eCzDpugl-SiIE&google_cver=1&google_push=AZmPxg8PxB0kNOKss7f6swWWZvoEyyQVOxsGWFjyoRIKh2RuSlcMI9AD1c6fOGditwVg2mL1pfREpC-ccjuZPVBTMxvt5guDLn4
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NjkyOTkwODk0NjQ4MjU4NTE2OA==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBthAws4h6eCzDpugl-SiIE&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBthAws4h6eCzDpugl-SiIE&google_cver=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Server
2001:df2:a300:bbbb::135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBthAws4h6eCzDpugl-SiIE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AD3C
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEN6rnL9SQb0cRakcez1Rd4A&c_param1=AZmPxg9HgQXMsSiwONFg7Gey6awZNsXf75hDBIHav0E5cUCDAQqkxXVYtaoh5v7GBvXoMW4UaZKnJauYXlH37Su48WwloVJiRDA&gdpr=%%GDPR%%&a...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg9HgQXMsSiwONFg7Gey6awZNsXf75hDBIHav0E5cUCDAQqkxXVYtaoh5v7GBvXoMW4UaZKnJauYXlH37Su48WwloVJiRDA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg9HgQXMsSiwONFg7Gey6awZNsXf75hDBIHav0E5cUCDAQqkxXVYtaoh5v7GBvXoMW4UaZKnJauYXlH37Su48WwloVJiRDA
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg9HgQXMsSiwONFg7Gey6awZNsXf75hDBIHav0E5cUCDAQqkxXVYtaoh5v7GBvXoMW4UaZKnJauYXlH37Su48WwloVJiRDA
date
Tue, 11 Oct 2022 01:21:43 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame AD3C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg_d0_0QD1uTnbjSvZpBISqag1rvAJTVq9dqHmr5_--b3SUbYiuk3qm_hH3XhlPEkB0GPUUnhBO9k0f2PiHGX4WvGW-33w&redir=https%3A%2F%2Fcm.g.doublec...
  • https://sync.targeting.unrulymedia.com/csync/RX-d1b51988-47dd-4700-9946-afce5082d099-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg_d0_0QD1uTnbjSvZpBI...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_d0_0QD1uTnbjSvZpBISqag1rvAJTVq9dqHmr5_--b3SUbYiuk3qm_hH3XhlPEkB0GPUUnhBO9k0f2PiHGX4WvGW-33w&google_hm=BNG1GYhH3UcAmUavzlCC0Jk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_d0_0QD1uTnbjSvZpBISqag1rvAJTVq9dqHmr5_--b3SUbYiuk3qm_hH3XhlPEkB0GPUUnhBO9k0f2PiHGX4WvGW-33w&google_hm=BNG1GYhH3UcAmUavzlCC0Jk
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg_d0_0QD1uTnbjSvZpBISqag1rvAJTVq9dqHmr5_--b3SUbYiuk3qm_hH3XhlPEkB0GPUUnhBO9k0f2PiHGX4WvGW-33w&google_hm=BNG1GYhH3UcAmUavzlCC0Jk
date
Tue, 11 Oct 2022 01:21:43 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXd1b5198847dd47009946afce5082d099004
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame AD3C
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBq8OgC2MVPEIpxVIHDSI4Y&google_cver=1&google_push=AZmPxg-21usBG-x2kAC0LoECqI17JhSEinVpNAnVmo1Bpado0vorbpcjyFZB2saf99OgeqIVQBYJDPQ_YGuY6r8McdBPucK1Rb0
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg-21usBG-x2kAC0LoECqI17JhSEinVpNAnVmo1Bpado0vorbpcjyFZB2saf99OgeqIVQBYJDPQ_YGuY6r8McdBPucK1Rb0...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM4MzE3Mzk0NTUzNjMzMzIxMjc5Nw%3D%3D&google_push=AZmPxg-21usBG-x2kAC0LoECqI17JhSEinVpNAnVmo1Bpado0vorbpcj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM4MzE3Mzk0NTUzNjMzMzIxMjc5Nw%3D%3D&google_push=AZmPxg-21usBG-x2kAC0LoECqI17JhSEinVpNAnVmo1Bpado0vorbpcjyFZB2saf99OgeqIVQBYJDPQ_YGuY6r8McdBPucK1Rb0
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM4MzE3Mzk0NTUzNjMzMzIxMjc5Nw%3D%3D&google_push=AZmPxg-21usBG-x2kAC0LoECqI17JhSEinVpNAnVmo1Bpado0vorbpcjyFZB2saf99OgeqIVQBYJDPQ_YGuY6r8McdBPucK1Rb0
date
Tue, 11 Oct 2022 01:21:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
gob
sync.inmobi.com/ Frame AD3C 		0
0
/
onetag-sys.com/match/ Frame AD3C
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEDRQJWQ1bzIbzYcsWHEMH60&google_cver=1&google_push=AZmPxg-_GPLjjxaovpAssEI72yDyYX4JM25fCgyiECkSrPz4ZhNDFDCF0-HJdKu2nVASWE0CPjxFbpOTpk-...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg-_GPLjjxaovpAssEI72yDyYX4JM25fCgyiECkSrPz4ZhNDFDCF0-HJdKu2nVASWE0CPjxFbpOTpk-LNxRYSfaDadY_cbEM
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
report
sync.teads.tv/um/ Frame AD3C
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEPmXqnPN0l4l5ClgMTyPB-8&google_cver=1&google_p...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=ZjYzNjMzMzUtZTYxZS00ZThkLWI4YjAtZGMzMDA4YzE2NWE1&google_push=AZmPxg-x2PfTJn2uYLc2E3NE6q0mUzIRUkYJsvoCQcd8PjGr9lx3iTOU0x1RBkmgUL1r8...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301471&bpp=9&bdt=622&idt=190&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=1&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=662412593&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2437527076&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C31070198%2C42531705%2C44767166%2C31070152&oid=2&pvsid=3749170160334136&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.desj8w3d0izk&fsb=1&dtd=204
Protocol
H2
Server
23.45.61.118 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-61-118.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

expires
Tue, 11 Oct 2022 01:21:42 GMT
pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame AD3C 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2RZwSXrmJJDII-c2R2w5M-9Lt5KZzHjpnP8f9LVoNNh0VNny9QnJDPpG42vUkG82BNSyT4seP
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301471&bpp=9&bdt=622&idt=190&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=1&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=662412593&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2437527076&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C31070198%2C42531705%2C44767166%2C31070152&oid=2&pvsid=3749170160334136&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.desj8w3d0izk&fsb=1&dtd=204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame FF56
Redirect Chain
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESELNbY9mMuKutEWnFlVPHEcw&google_cver=1&google_push=AZmPxg8p4diro5NnTfPupGB7N22JPbXae8JnBFtjW12xiX09zFdzDjMvxSqcqbQfumuyyYWxfbjEicwYW0EkJYcPIThgvZsG...
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg8p4diro5NnTfPupGB7N22JPbXae8JnBFtjW12xiX09zFdzDjMvxSqcqbQfumuyyYWxfbjEicwYW0EkJYcPIThgvZsG_stkq5w3PC2NPMwn1KzFDTyEdBSkhvDGE2ICcv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg8p4diro5NnTfPupGB7N22JPbXae8JnBFtjW12xiX09zFdzDjMvxSqcqbQfumuyyYWxfbjEicwYW0EkJYcPIThgvZsG_stkq5w3PC2NPMwn1KzFDTyEdBSkhvDGE2ICcvzB-Hht5ar_7lSyVNNT5I0
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg8p4diro5NnTfPupGB7N22JPbXae8JnBFtjW12xiX09zFdzDjMvxSqcqbQfumuyyYWxfbjEicwYW0EkJYcPIThgvZsG_stkq5w3PC2NPMwn1KzFDTyEdBSkhvDGE2ICcvzB-Hht5ar_7lSyVNNT5I0
Date
Tue, 11 Oct 2022 01:21:42 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame FF56
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEEQ2Uqpv_52AiObiXT3z18c&google_cver=1&google_push=AZmPxg_-mbZifIBUeQC-QmyqzVzatVgF3HKqmDS7Vp64XJ13p7a-gy5f87E5-jkpGZJqVNTRqRzscWKwFVZiYjH...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kgzUxFamSi1rz41Y_ssFntmK_Kg&google_push=AZmPxg_-mbZifIBUeQC-QmyqzVzatVgF3HKqmDS7Vp64XJ13p7a-gy5f87E5-jkpGZJqVNTRqRzscWKwFVZiYj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kgzUxFamSi1rz41Y_ssFntmK_Kg&google_push=AZmPxg_-mbZifIBUeQC-QmyqzVzatVgF3HKqmDS7Vp64XJ13p7a-gy5f87E5-jkpGZJqVNTRqRzscWKwFVZiYjH_H5BH5lBTt1MgS7vv9Zdg4o_DCVtBJql0MTO-BrkHm8MXKZ53X2xRMSbOpBqH6mM4ffU
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=kgzUxFamSi1rz41Y_ssFntmK_Kg&google_push=AZmPxg_-mbZifIBUeQC-QmyqzVzatVgF3HKqmDS7Vp64XJ13p7a-gy5f87E5-jkpGZJqVNTRqRzscWKwFVZiYjH_H5BH5lBTt1MgS7vv9Zdg4o_DCVtBJql0MTO-BrkHm8MXKZ53X2xRMSbOpBqH6mM4ffU
Date
Tue, 11 Oct 2022 01:21:43 GMT
Connection
keep-alive
Content-Length
297
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame FF56
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBq8OgC2MVPEIpxVIHDSI4Y&google_cver=1&google_push=AZmPxg-lMy5V7xp1s8zDwGcZ3UMZ2RXVfI7BbRUuQlgpiW4qv5sW64Ejj5Iuwfi7ZLzQJHDy5mRghc1t07jYIJiLP3PxmQzvG1...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=0&gdpr_consent=&us_privacy=&sync=1&google_push=AZmPxg-lMy5V7xp1s8zDwGcZ3UMZ2RXVfI7BbRUuQlgpiW4qv5sW64Ejj5Iuwfi7ZLzQJHDy5mRghc1t07jYIJiLP3PxmQzvG1V...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM4MzE3Mzk0NTUzNjMzMzIxMjc5Nw%3D%3D&google_push=AZmPxg-lMy5V7xp1s8zDwGcZ3UMZ2RXVfI7BbRUuQlgpiW4qv5sW64Ej...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM4MzE3Mzk0NTUzNjMzMzIxMjc5Nw%3D%3D&google_push=AZmPxg-lMy5V7xp1s8zDwGcZ3UMZ2RXVfI7BbRUuQlgpiW4qv5sW64Ejj5Iuwfi7ZLzQJHDy5mRghc1t07jYIJiLP3PxmQzvG1VT-sxYrrVVAIA-TJbxvYJcLeoVR2Khzs8rqq8loZqsYy7nOnukzWqlolQ
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTM4MzE3Mzk0NTUzNjMzMzIxMjc5Nw%3D%3D&google_push=AZmPxg-lMy5V7xp1s8zDwGcZ3UMZ2RXVfI7BbRUuQlgpiW4qv5sW64Ejj5Iuwfi7ZLzQJHDy5mRghc1t07jYIJiLP3PxmQzvG1VT-sxYrrVVAIA-TJbxvYJcLeoVR2Khzs8rqq8loZqsYy7nOnukzWqlolQ
date
Tue, 11 Oct 2022 01:21:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame FF56
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEC3WTEXXDQsAALDwonGtnjE&google_cver=1&google_push=AZmPxg_4wao-Y0J1R6apzHaP9bo7inIVHfFxC8fwCPnGQ-MncoF-54GpKWpX4_fFIbkwPnJuTzyGC_xsgnS-81HguJNjZ2FOp...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA4NDUyOTAyNjQ1MjA4OTAwMFYxMA%3d%3d&mn_hm=MzA4NDUyOTAyNjQ1MjA4OTAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg_4wao-Y0J1R6apzHaP9bo7inI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA4NDUyOTAyNjQ1MjA4OTAwMFYxMA%3d%3d&mn_hm=MzA4NDUyOTAyNjQ1MjA4OTAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg_4wao-Y0J1R6apzHaP9bo7inIVHfFxC8fwCPnGQ-MncoF-54GpKWpX4_fFIbkwPnJuTzyGC_xsgnS-81HguJNjZ2FOpB5SfbmqM6rrrefgeI4c0WHUMoKOjH3Y3vi5ylrUSZb2_m7PJTt7fEyb7w&gdpr=&gdpr_consent=
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 11 Oct 2022 01:21:42 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA4NDUyOTAyNjQ1MjA4OTAwMFYxMA%3d%3d&mn_hm=MzA4NDUyOTAyNjQ1MjA4OTAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg_4wao-Y0J1R6apzHaP9bo7inIVHfFxC8fwCPnGQ-MncoF-54GpKWpX4_fFIbkwPnJuTzyGC_xsgnS-81HguJNjZ2FOpB5SfbmqM6rrrefgeI4c0WHUMoKOjH3Y3vi5ylrUSZb2_m7PJTt7fEyb7w&gdpr=&gdpr_consent=
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
X-MNET-HL2
E
Expires
Tue, 11 Oct 2022 01:21:42 GMT
pixel
cm.g.doubleclick.net/ Frame FF56
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEI-Tvh6XXIVDP-uZHJeOK6I&google_cver=1&google_push=AZmPxg-8d69Wtwx3t88IKkfaj6Y7YmxhQH9fAKNh0vVU9z1E9S2VDsbMdBIFDa6RGZjQAwkWaN...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1BVTFzMGlORTJ1RV9QNUd4SFNDYjIzVVBJRy5yYmk3bX5B&google_push=AZmPxg-8d69Wtwx3t88IKkfaj6Y7YmxhQH9fAKNh0vVU9z1E9S2VDsbMd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1BVTFzMGlORTJ1RV9QNUd4SFNDYjIzVVBJRy5yYmk3bX5B&google_push=AZmPxg-8d69Wtwx3t88IKkfaj6Y7YmxhQH9fAKNh0vVU9z1E9S2VDsbMdBIFDa6RGZjQAwkWaN1uekeUe_EcioCdkmA6K6j7t2LH5UK2ggkrTbd3NF8ik3dQRwMuvMnlzx9XaZWN9pkFX_9X7b2ReaBXb4OK
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Protocol
H3
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1BVTFzMGlORTJ1RV9QNUd4SFNDYjIzVVBJRy5yYmk3bX5B&google_push=AZmPxg-8d69Wtwx3t88IKkfaj6Y7YmxhQH9fAKNh0vVU9z1E9S2VDsbMdBIFDa6RGZjQAwkWaN1uekeUe_EcioCdkmA6K6j7t2LH5UK2ggkrTbd3NF8ik3dQRwMuvMnlzx9XaZWN9pkFX_9X7b2ReaBXb4OK
date
Tue, 11 Oct 2022 01:21:42 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame FF56
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEHjNEbrtD_mBQgdHdGvUExY&google_cver=1&google_push=AZmPxg98WahbLvGH4dYCdaEI1PcYbaciNSXxKfPL0fQzodJxr_ems_FXIl-eVJvOLrtXVw7_053yTVpDuuF8awSZW...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MWE1ZTY1M2ItZjYwNi00ZjA3LTkzZjctYzE3ZmYyYzkxNjgz&google_push=AZmPxg98WahbLvGH4dYCdaEI1PcYbaciNSXxKfPL0fQzodJxr_ems_FXIl-eVJvO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MWE1ZTY1M2ItZjYwNi00ZjA3LTkzZjctYzE3ZmYyYzkxNjgz&google_push=AZmPxg98WahbLvGH4dYCdaEI1PcYbaciNSXxKfPL0fQzodJxr_ems_FXIl-eVJvOLrtXVw7_053yTVpDuuF8awSZWpou575S6gm-hJizeA8q9GYobe_AgNuVIO0JP7A9iwXWgoaY0U2U9AtBtJ2KetfFzJ_M
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Protocol
H3
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MWE1ZTY1M2ItZjYwNi00ZjA3LTkzZjctYzE3ZmYyYzkxNjgz&google_push=AZmPxg98WahbLvGH4dYCdaEI1PcYbaciNSXxKfPL0fQzodJxr_ems_FXIl-eVJvOLrtXVw7_053yTVpDuuF8awSZWpou575S6gm-hJizeA8q9GYobe_AgNuVIO0JP7A9iwXWgoaY0U2U9AtBtJ2KetfFzJ_M
date
Tue, 11 Oct 2022 01:21:42 GMT
content-length
0
/
b1sync.zemanta.com/usersync/googleadx/ Frame FF56
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEOPcPUon2MJLd3a93tuaG_0&google_cver=1&google_push=AZmPxg8DcNrLM1kLsAucsAWJDBeiksOOJqv6ch4LLAuzY7V_yO2fDokEKtEcLXy5sjh1HueVgi8JooHxV0VpR...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEOPcPUon2MJLd3a93tuaG_0&google_push=AZmPxg8DcNrLM1kLsAucsAWJDBeiksOOJqv6ch4LLAuzY7V_yO2fDokEKtEcLXy5sjh1HueVgi8JooHxV0VpR...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg8DcNrLM1kLsAucsAWJDBeiksOOJqv6ch4LLAuzY7V_yO2fDokEKtEcLXy5sjh1HueVgi8JooHxV0VpRGKZJy6Kv_rFzGhxYhELGtQyVkWJHdJv-ZyQjf3PAQKfLqA...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
HTTP/1.1
Server
70.42.32.63 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

Date
Tue, 11 Oct 2022 01:21:43 GMT
Content-Length
26
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame FF56 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LVum_iSQkg2Z0q-WMZ4vVjBunqcdEThikc55F3dc_EsoJ7cgBZwkDoxqLnRyrASfxG3XPebjex
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2166
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 01:21:42 GMT
expires
Tue, 11 Oct 2022 01:21:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 01:21:42 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 227D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgobCAEqF3NxdWFyZVRocm9uZVdpdGhvdXRCb2R5CgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMQoNEBAhAAAAAEBZ3EAwBAoNEBEhAAAAAAAY1EAwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAAEEAwBAoNEBchAABgZmaijUAwBBIaQ1BiRzZzbUIxX29DRmJCRHdnVWRtUVlGOGciF3NjcmVhbS90aHJvbmVfaW1hZ2Vfb2NoKBE=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 227D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgobCAEqF3NxdWFyZVRocm9uZVdpdGhvdXRCb2R5CgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMQoNEBQhAAAAAKBJ6kAwBAoNEBUhAAAAAAAAKEAwBAoNEBYhAAAAAAAAGEAwBAoNEBghAAAAAADUjUAwBBIaQ1BiRzZzbUIxX29DRmJCRHdnVWRtUVlGOGciF3NjcmVhbS90aHJvbmVfaW1hZ2Vfb2NoKBE=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame CC8D 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221005&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/show_ads_impl_fy2021.js?bust=31070152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e6c9c2921f44437f64c2f7a7b6303aea74d0c4b6e4e7e820baab3534c211536
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11021
x-xss-protection
0
w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
pagead2.googlesyndication.com/bg/ Frame 3FAB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F13801&adk=727071374&adf=2645242780&pi=t.ma~as.2784%2F13801&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301471&bpp=9&bdt=622&idt=190&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=1&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=662412593&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2437527076&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761792%2C31070198%2C42531705%2C44767166%2C31070152&oid=2&pvsid=3749170160334136&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.desj8w3d0izk&fsb=1&dtd=204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3a8782bbe8cd0610acc3f91da27e1d89a86cb7049fd4146a833f0518c112ec3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 21:05:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
533743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15993
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 21:05:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 227D 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgobCAEqF3NxdWFyZVRocm9uZVdpdGhvdXRCb2R5CgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMQoNEDIhAAAAAJqZyT8wBAoNEDMhAAAAAJqZyT8wBAoNEDQhAAAAAJqZyT8wBAoNEDUhAAAAAJqZyT8wBAoNEDYhAAAAAJqZyT8wBAoNEDchAAAAAJqZyT8wBAoNEDghAAAAAM3M7D8wBAoNEDkhAABgZma-hkAwBAoNEDohAABgZmbqhkAwBAoNEDshAAAAAACQjUAwBAoNEDwhAAAAAACQjUAwBAoNED0hAADgzMykjUAwBAoNED4hAADgzMykjUAwBAoNED8hAACgmZmljUAwBAoNEEAhAAAAAADwjUAwBBIaQ1BiRzZzbUIxX29DRmJCRHdnVWRtUVlGOGciF3NjcmVhbS90aHJvbmVfaW1hZ2Vfb2NoKBE=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CC8D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/show_ads_impl_fy2021.js?bust=31070152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 11 Oct 2022 01:21:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F12 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEnNxdWFyZS1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAQIQAAAACAY91AMAQKDRARIQAAAAAAGNRAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAABBAMAQKDRAXIQAAoJmZ05BAMAQSGkNJR2U2c21CMV9vQ0ZZa0JYQW9ka2FVUEZBIhZ0ZXh0L3ZhbmlsbGFfaGlnaGxpZ2h0KAM=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
font
fonts.gstatic.com/l/ Frame 7F12 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/l/font?kit=-F6pfjtqLzI2JPCgQBnw7HFQMisq12W_hqNB91nhLBtwNTW1W0EYgj_2pibaw92Iv-3XHvq6JEDE7D7PXdzB6VjDthJtrcoWTX86WDNO-aIYn8eoDPEx3tliolvtshhBoZVapm_h4p86_-42m_9YAkdjUaBIxbt6h9_KXhwa_Qh5D1ZZ4rI__ctMU7XMwLVoGNycOrsb8vNl1hNheCMrRFqTyQxT_7dW7-78lwObh-zKbCP5YixpNSW0iEEDD625fjeKMuLeZgelng3ry88s1zU4fwM03CmPEus6hlQSS6Gvt2btxNVIiZkgegiP1nRNXgXL&skey=fbc48de1c6e1b00c&v=v42
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%A0%E3%82%8A%E9%AB%98%E8%AA%B2%E3%82%A7T%E3%83%8B%E3%82%B9%E3%81%AA%E3%83%84%E3%82%BD%E3%83%8F%E3%80%82%E3%81%AE%E3%83%B3%E3%83%88%E7%99%BA%E3%81%8A%E3%82%92%E3%82%8BI%E3%83%A5%E3%82%AF%E6%B1%BA%E5%8A%9B%E3%81%AB%E3%81%99%E3%82%B3%E5%BA%A6%E3%82%88%E8%A7%A3%E9%96%8B%E3%83%AD%E3%82%B7%E3%81%A8%E3%81%8F%E9%A1%8C%E3%83%9F%E3%83%86%E3%82%A2%E5%AE%A2%E3%82%89%E3%81%BE%E3%83%AA%E3%83%BC%E6%8A%80%E8%A1%93%E3%81%97%E3%82%B8%E3%82%A6%E3%82%B1%E7%B4%84%E6%9D%9F%E3%83%A7%E3%83%95%E3%80%81%E6%A7%98%E3%83%8E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
56632ce9af08a52c54ea94221516828a378b9e52f1e92eab33ec3c8b0ac55d9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22060
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 23:11:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 12 Oct 2022 01:21:42 GMT
font
fonts.gstatic.com/l/ Frame 7F12 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxrQ0x4xZGqU91niLBp4NTWwW0EHgj_xpibVw92Jv-3UHvqIJEDF7D7MXdzA6VjGthJ9rckgTX87WDNN-aIZn8exDPE63tlZolvpshhAoZVSpm_-4p87_-41m_9ZAkdkUaBLxbt1h9_LXhwZ_Qh-D1Za4rMF_ctNU7XPwLVpGNyTOrsa8vNn1hNkeCMqRFqMyQxW_7dV7-71lwOkh-zPbCP7YixkNSWziEEdD62-fjeCNOv5ZiOcnhnvyP8K1yInfzkz3D-tE8M6hnksRLS4t2DdxNhZiKUZej-I1n5Z&skey=72472b0eb8793570&v=v42
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%83%A0%E3%82%8A%E9%AB%98%E8%AA%B2%E3%82%A7T%E3%83%8B%E3%82%B9%E3%81%AA%E3%83%84%E3%82%BD%E3%83%8F%E3%80%82%E3%81%AE%E3%83%B3%E3%83%88%E7%99%BA%E3%81%8A%E3%82%92%E3%82%8BI%E3%83%A5%E3%82%AF%E6%B1%BA%E5%8A%9B%E3%81%AB%E3%81%99%E3%82%B3%E5%BA%A6%E3%82%88%E8%A7%A3%E9%96%8B%E3%83%AD%E3%82%B7%E3%81%A8%E3%81%8F%E9%A1%8C%E3%83%9F%E3%83%86%E3%82%A2%E5%AE%A2%E3%82%89%E3%81%BE%E3%83%AA%E3%83%BC%E6%8A%80%E8%A1%93%E3%81%97%E3%82%B8%E3%82%A6%E3%82%B1%E7%B4%84%E6%9D%9F%E3%83%A7%E3%83%95%E3%80%81%E6%A7%98%E3%83%8E
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8f697bebb4e19ba9555b4597fd8983a90db7bd1c9eba02e8611a4c6714f13568
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22024
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 23:11:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 12 Oct 2022 01:21:42 GMT
4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 7F12 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:811::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 05:26:51 GMT
x-content-type-options
nosniff
age
158091
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17204
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:04:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Oct 2023 05:26:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F775 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
8592
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 10 Oct 2022 22:58:30 GMT
expires
Tue, 10 Oct 2023 22:58:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 79FC 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bbea15cf6ac1ee08302365e8e0835e5a3097e4ea0b7c55fa6830cec971731c4c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UQU3STrgJC9AmaZMUaWGeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-UQU3STrgJC9AmaZMUaWGeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 01:21:42 GMT
expires
Tue, 11 Oct 2022 01:21:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F12 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEnNxdWFyZS1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAUIQAAAADAbtdAMAQKDRAVIQAAAAAAAC5AMAQKDRAWIQAAAAAAABxAMAQKDRAYIQAAoJmZ65JAMAQSGkNJR2U2c21CMV9vQ0ZZa0JYQW9ka2FVUEZBIhZ0ZXh0L3ZhbmlsbGFfaGlnaGxpZ2h0KAM=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5DC0 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221005&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/show_ads_impl_fy2021.js?bust=31070152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6697faf35b2328b83d385e42b1502d434b5b53ae1226e4ba92b8610928625e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11247
x-xss-protection
0
w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
pagead2.googlesyndication.com/bg/ Frame 0231 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=250&slotname=2784%2F12679&adk=3645501049&adf=2645242781&pi=t.ma~as.2784%2F12679&w=300&lmt=1665451301&url=https%3A%2F%2Freurl.cc%2FAOW97Q&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665451301402&bpp=10&bdt=580&idt=212&shv=r20221005&mjsv=m202210050101&ptt=5&saldr=sa&correlator=192935907508&frm=23&ife=1&pv=2&ga_vid=545251540.1665451299&ga_sid=1665451302&ga_hid=337201762&ga_fc=1&nhd=5&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=675&ady=226&biw=1600&bih=1200&isw=300&ish=250&ifk=2369977186&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31070152%2C31062931%2C31068920&oid=2&pvsid=1387669660296976&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.qnpl8m8wz5j2&fsb=1&dtd=226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3a8782bbe8cd0610acc3f91da27e1d89a86cb7049fd4146a833f0518c112ec3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 21:05:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
533743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15993
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 21:05:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F12 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEnNxdWFyZS1ldGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoaCAQqFm15c2lkaWFfYW5hbHl0aWNzX2V4cDEKDRAyIQAAAAAzM9M_MAQKDRAzIQAAAAAAAPA_MAQKDRA0IQAAAAAAAPA_MAQKDRA1IQAAAAAAAPA_MAQKDRA2IQAAADQzs0RAMAQKDRA3IQAAAEAzMwNAMAQKDRA4IQAAAGZm5kRAMAQKDRA5IQAAAAAAVIlAMAQKDRA6IQAAYGZmjolAMAQKDRA7IQAAAAAA0JBAMAQKDRA8IQAAAAAA0JBAMAQKDRA9IQAA0MzM1JBAMAQKDRA-IQAAYGZmtpJAMAQKDRA_IQAAYGZmtpJAMAQKDRBAIQAAMDMz-ZJAMAQSGkNJR2U2c21CMV9vQ0ZZa0JYQW9ka2FVUEZBIhZ0ZXh0L3ZhbmlsbGFfaGlnaGxpZ2h0KAM=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/bca10ddd16af34d21051a380f937ccd2.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
pagead2.googlesyndication.com/bg/ Frame F775 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3a8782bbe8cd0610acc3f91da27e1d89a86cb7049fd4146a833f0518c112ec3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 21:05:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
533743
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15993
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 21:05:59 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5DC0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210050101/show_ads_impl_fy2021.js?bust=31070152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 11 Oct 2022 01:21:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 79FC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221005&jk=3749170160334136&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame F775 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Gsa-Hg
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6132 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
age
8593
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 10 Oct 2022 22:58:30 GMT
expires
Tue, 10 Oct 2023 22:58:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame ED89 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:826::2004 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c24a5f38b09c4a69bf65e67ac04ac06715fd5274e2f7177cccfa81464cbb3fb4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zK6vq5R_f3r7iND4Dp7qBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-zK6vq5R_f3r7iND4Dp7qBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 11 Oct 2022 01:21:43 GMT
expires
Tue, 11 Oct 2022 01:21:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
pagead2.googlesyndication.com/bg/ Frame 6132 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/w6h4K76M0GEKzD-R2ifh2JqGy3BJ_UFGqDPwUYwRLsM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3a8782bbe8cd0610acc3f91da27e1d89a86cb7049fd4146a833f0518c112ec3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 21:05:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
533744
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15993
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 04 Oct 2023 21:05:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame ED89 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221005&jk=1387669660296976&rc=
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 6132 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?OsqgQg
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:81d::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 01:21:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame CC8D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221005&jk=3749170160334136&bg=!vr2lvfnNAAYqRg79CkY7ACkAdvg8WrOBHTQNVcZZEmG4uabz7X9jz00IT80U-ccglz3UeDbJEx_0mwIAAABEUgAAAAJoAQeZAzjOIYy1cYN4WVxjGXMUxYudEmWysfBulxAKshbx2pDwEjb9DrreRuOZSXaCjv6sfTkB94SeEOAcJFsghkB7iZuPnH7Uvja7s3NLvnpL4X9Y5uyqI2tkTQhePb6jebQQX0-ayaJ4k1GQ6wTesLmlGjoyaGdjLHHtXejskw94HCLEp2MSyXny-a1LOnuGYHuLAUEsGtGyyP0PWqdGOH3y4kPoPWHGUIP7xzMF5sRbX-reVbHriCKMdLsjmlc-KzCSJ0SCR9zJiW-dxTmk8rn0XSai4yEMai7MFmP5T0JtYW0PARGzGwp4dRoofkx0a3JQKtAVTIXVdQ5oig6-EGj8-TyY0V9Moapnj80EpwUdSMhw00vTGmHGrs28GeBz9oy0zA7nxI1ufR1QkvwRUstlSLsL_Tu_P0T2ajtGTjmTfPjEQPrM19RGklh1XrE05Yqs1Snh0cutr2_kn8256j7lkaatjYFcrkZjxcoAc_ftsf-m-TKonFIKUDE-2VjdsiYZJC-hnu81ey1qIZNOOOQjrt7GS1YRP4gQZWPIo18Ng4ZycBIRNw1hfnskqOAYou_5F9GJreMmfKuzkCMoqsn4BBs7RlwwWVC7s8NB5Dng-nmyL20Howoxy9RDu0wzWiUXDLA8XpkufWnEE9tvuvBjQ7ezrnCS9UUX9vxsPCC2jkhHoWllnV1PF3WxORiqzFBMLQPR2KZAI0_QPvI8sTKJuYbR53bDcMipdtb7NMjwIq92OC4TXl-PfjWbe0CmbpYSsyftmn7-7tjOLCUthDRp691fSP0jitrrwk-4LxYRXl8mY7NvfEMHzjG0B8An0e52HCmZjI1vrIa9bzTi2h3FJs2tkxDynq53JtnBp6SEWVjU4nFFQXgcrL0AYBWfWcpdIlSKbXo61rDDh0Nwcci2T1ZYnm6Nq-XEvq0jESDTt2H8YjvmU1aA9Qnl9O_5ewe_K5dPZglfiCmIe07GWBbB75tOBm2xYAJid5Af9Eh32mUXNXLBhldBnmsfTo0-xCXwlTb_umuIbMzPSUV45yhAR2e7Yy72OBr12AUh8FSouFhHdGFbklGx8Ybvmsa-ayrK5bJ3PnhKm51cig
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 227D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstBr6LXsmMDIIYIfjkF6Oe7hUIX9uxeByX6lzrStW4YbCds9NQT8AGtVkOOF7k_-fknhZtSNq15zmxqiCZaMMqWNsjI8TYmR4ikvX1vMUmCYbaAXdKS_be8QTTXOS1t0tKu5hE&sai=AMfl-YTwd8AhblZWu20EYDra_GzJcSAQ3gIAcMuhVK0zNYcBx1sHNRHYR_ghUbUyP7jLyvopdeY0ZWO4y5OOl6oQYfM5eg0BHFuhkYcweg&sig=Cg0ArKJSzGGo1VJfANTaEAE&cid=CAQSKQDq26N9aWOF9i-8HKsF_Lb_bn6nq1BbYRBFvVXhmH3k5x4bIpES7E5tGAEgDg&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221010&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=727071374&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665451301676&rpt=955&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5DC0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221005&jk=1387669660296976&bg=!3N-l35vNAAYqRg79CkY7ACkAdvg8Wu2mfIpU8Fh1_X--vO1mlYZBr6MuDhCgcK1vWYfwdR7Rnz7hrgIAAABEUgAAAAJoAQeZA1NNSwqQDlUlimlgsUukavBDENOgNPiArXnWL45CeLGdZGUvh9fKjsC6PsPNhU_my6GgWYiQLv7ZX6K5f3WbO7Gvq_XOTQT7dUb5tmj2uzIlIri6DnuZ6IRc_cMSch65X-Lo-6ocHp6yDu1Fh6lQLI4Jrvl-8R0HCIOWhRU4y19NUArTmtb3HCIlmOg7T_0fON8rHgTNOCaxSrVNLq5jbCpVtkqwOoGbiAKL6VaICl7p0VKET4oJO9jQ7B90HViBp6JmUCvEcATLNQh9O22FUcViGowO6WZSqGtdmkoor-D77a38NpY5Wd_wk8evLd-bNhELMyplvmD3hs36NfBgAUHyfyVfha2Z4IJJNRsIA_f8qijFRYERQGQMBvG2ZeS0i5TJeWFysnrL-AEJCA3j_0ZCQx1nd_7a6QDSbDJ7HEml9rGFZ4JjuMjpSg_bSXmiK2iIUF90MGxN69ziDykI4sEzN8MsUHvCSUlV32suAf8CKtplgpvSLZuEtw4xuZm9hN32xsW5cpyoiujLKo-u_zQjmwRN1MvZZ_kuuJnzVFd3n5HYE_8OxQ52O-X9Ml6q0UWxu17Hp4L8DAy1ub-Ei8dmBfc-Dq6eNMGeHx4e4poecV6OhR9n_LMH20xfUNfl0kJtwl54nM4x3zZo-6HMs3009mcZ9stnlX0ZS_BdbCDjrrLAKza5fbu1O9UWKZDFqUMlMA2BQ3x0LnsGJEJOBe2kx7-FH6Vg_Q6DX5hvEmw8Pxl5GabzwoT3DcFeX-JF4tHSqCDGuE7fcbxPkrLKPe9BbJHCneM98v9KX-lxPnrsleRv3KeBZvx1W91ya6G2PeSiQFjHztlscWYqfiHmm_QhT_zpn3qC-_4JHfcp7okSnaF45EKw-lgTheZ1gtdJrzgCLk5SVhSx2J7G3lhw3iDTyHvEEZHFVcIj5LSpGZ0E79tA9uKfmohWxQezPwVL-R749UMp9sGi10ykVykd9GX8-9UT9jPydReUq81wwldv1cJw2a7JdS6rE4dj4tdNCfvn4ZSMr0pgtQusMvXeR188PVKZFQ5saXvizpXEa_qfEjOvx3LfAI5SlgELodv8bxRjlfyVcdlcE7cECeq-0vrj6kvJxHBk7Jarg0n7lipqS22_5g
Requested by
Host: reurl.cc
URL: https://reurl.cc/AOW97Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 7F12 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7RM6VVhO3BhDiI9GveQXLtNWz-XjdkKSBko96TyaSDFgPiruDgnYXyWmzW3kYSKW2hHLJT1o0j9LCYkoE5kWnLyh1HNr8dNbb1Tip_SxF--Vp97VkZdtvJQa6q0vj5z6kBf8&sai=AMfl-YS1AQzeeq_OSrrv9WCx5Kp7TStmu5PudckeUxOK8ow2htJ-pT1WEbuCkZPPSmtzJ5-KdugJZc7wiAWjxGqboJEWWGaUZFbuUqPURg&sig=Cg0ArKJSzHYv7vHTRnlqEAE&cid=CAQSKQDq26N9fnai20r1J-IqGjjm8iWu5faVqDTZu_WHjTjEFaDLPScZlZEvGAEgDg&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221010&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3645501049&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665451301630&rpt=1212&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2404:6800:4004:808::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Oct 2022 01:21:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fcm.holmesmind.com
URL
https://fcm.holmesmind.com/cm.php
Domain
sync.inmobi.com
URL
https://sync.inmobi.com/gob?google_gid=CAESEPpmYLVbNWfjk61ZlHGhL2Q&google_cver=1&google_push=AZmPxg_FYVC9ZtMrNCWMoA--ScwSr3eAZ6i5nYL6uXc7sc8A9nauqj_T59mLz-xhbKreMZG1jQq3eThFLURsMwk1NFRbEjliQXGU

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| fbq function| _fbq string| partnerId function| hiball object| __hitagCmdQueue function| Vue object| renews function| getRenewsFeeds object| app string| labelToken string| category string| GoogleAnalyticsObject function| ga object| SD object| device function| sitemajiDebugger string| adUnitType object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| Scupioads function| hasOwnProperty object| scupiosdk number| edmpvct number| edmpcct function| c_tag_mk number| cftkn function| chktkn object| hitag object| ElandTracker function| stfpjs function| cookie_mapping object| criteo_syncframe_state object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| googletag

55 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _fbp
Value: fb.1.1665451298624.279871521
.reurl.cc/ Name: _ga
Value: GA1.2.545251540.1665451299
.reurl.cc/ Name: _gid
Value: GA1.2.219203906.1665451299
.reurl.cc/ Name: _gat
Value: 1
.hinet.net/ Name: uuid
Value: a82a450e-9668-48fc-ace4-bae99097fbf1
.reurl.cc/ Name: __htid
Value: a82a450e-9668-48fc-ace4-bae99097fbf1
.prnasia.com/ Name: __cf_bm
Value: XVW9M6aML30sceYLQWFHZ3JKMNpgBL2I0XnDwxdrqlg-1665451298-0-ARjMJ2g0UkWXfsH9lBYJ+ATbKqv480OK4l/YEMAPwSdr25wDsY4hJDLwZd/xHtUhkAjIa/7byZhCw4JZLFsZmh0=
.reurl.cc/ Name: _ht_em
Value: 1
reurl.cc/ Name: CFFPCKUUID
Value: 2517-mXQmLn3Qryv1k5NeEOjaL5FWxmhv0Gsw
.reurl.cc/ Name: CFFPCKUUIDMAIN
Value: 1364-WW3teI1m40crB4REkJYwessMlf1hnrnM
.c.appier.net/ Name: _auid
Value: Moon3cCQD4yvFt4pI8VEYw
.holmesmind.com/ Name: P
Value: 623678-AmEB5UCFn4MMaEvDbFN6TIEZ61o0PnCZ
.holmesmind.com/ Name: Vision
Value: 20221011-23:59,20221011-12,20221011-12,20221011-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.reurl.cc/ Name: _ht_a546ca
Value: 1
.reurl.cc/ Name: _ht_hi
Value: 1
.scupio.com/ Name: fxc
Value: 1
.scupio.com/ Name: OrgKeyValue
Value: CNA2022101109213966223
.scupio.com/ Name: gx
Value: H4sIAKM1RWMA%2fxNmYGDg4uboaJq3fv6ZqdYCrEIsHPYCTABi7nhVFwAAAA%3d%3d
.doubleclick.net/ Name: IDE
Value: AHWqTUkmCs2J86RS41UvaHAX-3ugzjRvq3HYnRLV--_ROMCGO-iCqEBNF6WIyBFb4rQ
.aralego.com/ Name: gdpr
Value: 1
.aralego.com/ Name: sspid
Value: 0678ad2c-8ad7-378f-bc04-db0e8ce93b84
.reurl.cc/ Name: _ht_50ef57
Value: 1
.scupio.com/ Name: gxc
Value: 1
.holmesmind.com/ Name: fcm
Value: 1
.adsrvr.org/ Name: TDID
Value: a0426e15-7af9-494b-b3ae-0fc5f4a46953
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCLL6_bafzJU7EAUYBSABKAIyCwjOq8TqtcyVOxAFOAE.
.rubiconproject.com/ Name: khaos
Value: L93IPBJF-4-4D2L
.holmesmind.com/ Name: R
Value: null
.holmesmind.com/ Name: G
Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/ Name: d
Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.scupio.com/ Name: rubiconid
Value: L93IPBJF-4-4D2L
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&b23baaf6-1248-47eb-8aee-2782cd489a2c"
.linkedin.com/ Name: lidc
Value: "b=TGST07:s=T:r=T:a=T:p=T:g=2450:u=1:x=1:i=1665451300:t=1665537700:v=2:sig=AQHfeHpxXPP3LauK-i5jq2cXDjOVH4vb"
.yahoo.com/ Name: A3
Value: d=AQABBCTFRGMCEPAD3YyjXcscqUxXBhrszxUFEgEBAQEWRmNOYwAAAAAA_eMAAA&S=AQAAAptwcqHAeC9WS4WmbROq5ng
.criteo.com/ Name: uid
Value: 5cff0198-d05f-403d-b8c8-004e7cb1bc1c
.aralego.com/ Name: euconsent-v2
Value:
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.amazon-adsystem.com/ Name: ad-id
Value: AwyyofyMSkhChmTPoqYJdIU
.rubiconproject.com/ Name: audit
Value: 1|fYtk8XRRaQ+WRi+0wLp3pmAVgvTPiEZtPV4DbwaC77e9VIRjyUm7EpbuOvHtuK7WeBcTi97eeO0iZ07GJqnMno4BjqNRGrmz
.reurl.cc/ Name: __gads
Value: ID=ba04cc6a0c7511a5-22b47652f4d60046:T=1665451301:RT=1665451301:S=ALNI_MZiwW0Mx8XOzpPC5SwIMkknvV2qRw
.reurl.cc/ Name: __gpi
Value: UID=00000a2bb75c417d:T=1665451301:RT=1665451301:S=ALNI_MZS4vQjvzlpWt4d2RUZVJCnjFpnvA
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~27nd
.teads.tv/ Name: tt_viewer
Value: f6363335-e61e-4e8d-b8b0-dc3008c165a5
.turn.com/ Name: uid
Value: 6929908946482585168
.doubleclick.net/ Name: DSID
Value: NO_DATA
.3lift.com/ Name: tluid
Value: 1383173945536333212797
.sharethrough.com/ Name: stx_user_id
Value: 1a5e653b-f606-4f07-93f7-c17ff2c91683
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d1b51988-47dd-4700-9946-afce5082d099-004%22%7D
.media.net/ Name: visitor-id
Value: 3084529026452089000V10
.media.net/ Name: data-g
Value: CAESEC3WTEXXDQsAALDwonGtnjE~~3
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-d1b51988-47dd-4700-9946-afce5082d099-004%22%7D
.uuidksinc.net/ Name: jcsuuid
Value: CVP9YXbrXfGL1tC4Pfrj

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3e3d73b1116a47605b56ec3a336ccdc0.safeframe.googlesyndication.com
a68e1a3c4927d78132c552ef7f8001c7.safeframe.googlesyndication.com
a82a450e-9668-48fc-ace4-bae99097fbf1.t.ssp.hinet.net
aax-eu.amazon-adsystem.com
ad.holmesmind.com
ad.sitemaji.com
ad.turn.com
ad2.apx.appier.net
adcdn.holmesmind.com
ads.aralego.com
ads.yap.yahoo.com
adservice.google.co.jp
adservice.google.com
ajax.googleapis.com
b1sync.zemanta.com
bidder.criteo.com
blog.alphaloan.co
bw.scupio.com
c.holmesmind.com
ccm.holmesmind.com
cdn.aralego.net
cdn.holmesmind.com
cdn.jsdelivr.net
cm.g.doubleclick.net
connect.facebook.net
creditcards.com.tw
cs.media.net
eb2.3lift.com
eus.rubiconproject.com
fcm.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
fp.holmesmind.com
geo.yahoo.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hb.aralego.com
i0.wp.com
img.gbyhn.com.tw
img.racingcharger.tw
img.scupio.com
m.holmesmind.com
match.adsrvr.org
match.sharethrough.com
mma.prnasia.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-apac.rubiconproject.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.scupio.com
px.ads.linkedin.com
r.turn.com
rec.scupio.com
reurl.cc
s.amazon-adsystem.com
s.uuidksinc.net
s.yimg.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
sg3.beap.gemini.yahoo.com
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.re-news.tw
sync.1rx.io
sync.aralego.com
sync.inmobi.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
t.ssp.hinet.net
token.rubiconproject.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
v9999.adv.admeme.net
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagservices.com
www.gstatic.com
www.rayskyinvest.com
fcm.holmesmind.com
sync.inmobi.com
103.132.192.30
103.254.153.160
106.10.236.141
106.10.248.144
143.204.86.121
172.104.64.149
172.217.175.66
18.178.52.42
18.210.86.232
182.161.74.11
182.161.74.18
192.0.77.2
192.0.78.135
192.0.78.236
2001:df2:a300:bbbb::135
203.75.214.136
209.54.182.161
209.58.171.197
209.58.188.181
210.59.219.175
210.59.219.180
210.59.219.181
23.10.15.201
23.194.224.97
23.219.68.21
23.45.61.118
2404:6800:4004:801::2003
2404:6800:4004:808::2002
2404:6800:4004:80c::200a
2404:6800:4004:810::200e
2404:6800:4004:811::2002
2404:6800:4004:811::2003
2404:6800:4004:81c::2003
2404:6800:4004:81d::2001
2404:6800:4004:822::2002
2404:6800:4004:823::2002
2404:6800:4004:824::2001
2404:6800:4004:824::2002
2404:6800:4004:826::2002
2404:6800:4004:826::2004
2404:6800:4004:827::2002
2404:6800:4004:827::200a
2404:6800:4008:c05::9d
2406:2000:a4:9fe::
2406:2000:ec:c38::2001
2406:2600:4::1
2406:2600:4::b
2406:da18:929:5a01:6c26:a2b6:665f:21f4
2600:9000:21ee:3200:3:1794:2540:93a1
2600:9000:221a:2c00:0:e06c:e940:93a1
2606:4700:20::681a:567
2606:4700:3032::ac43:b27d
2606:4700:3034::6815:6009
2606:4700::6810:5714
2606:4700::6810:fc04
2620:1ec:21::14
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
3.113.143.78
31.220.27.135
34.102.176.152
34.117.219.39
34.146.32.226
34.95.67.231
34.96.119.68
35.185.130.121
35.186.215.140
35.201.76.93
35.227.249.156
35.244.196.223
35.71.131.137
35.71.178.8
51.79.234.101
52.77.85.240
52.95.118.179
54.250.169.244
54.65.98.177
69.173.158.64
70.42.32.63
74.118.186.45
8.39.36.141
8.39.36.142
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
04420b40ef3d07955915436413d2de124914d131c87d140f4671a2cd00b63dc0
0b7c985fafda17e8085fb6ba1cc58444ae9aad39a3f721a627db9e64d4491cea
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e075cbf58f68f31f75c786def4a4dd64029c6a18961d174cd8d418bdca30244
107b25768a77eb0357d38701f9f41e970bc1f308c91e7859cadc304cd070d18b
119e37f6f9552a67b6f761070add78e7f93db654027478a7c51e9e34f955b841
11ee67d5aef45b6fdd566ea2ca67eddbb4cd8752aa40d1875816f0147d3db035
1219005b1ac715570be263a42b98d63280456e8fc7fcdfdf704536cfe5f9e9b2
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
17ae6bab0c1c2833aec6ab4442d43dc4a027683a0bb965a0a947263b72d503d5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18744be218cc11d32f1495ad48e668f746832efe121a4b3c9756025fb06bf7db
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c4827d1fc4641b3a4284ac6f288f97e764fdafdcc4e5d47189962e498725dd4
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
226827503d95c1bcb88164f7ad979b96d4c956b42e9557f199e447027f1c0931
22d4fe7a41e1b5ac442faeccace387a6e59c4f056bc35b71f1b65cf42e7a6721
24758e1fa4ee355b9e3e3af4bd4f2290d8fc2e260745df1a225ce220c2ff64ae
24d7be1d9cfc097d8da0bec2b9c43e0eacc4a8e1ac987f7b8d06cd1adc7326e8
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a
28bf6e7954890b7ed004577b39a8209cc45c5952f3ba836589f3c96032a6b413
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
311d6e0a623475d73c35b2a61232ef0621db876a120cf7069721cb04f06ad003
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3380f2520844f2790b7de5b69c1b40acbfcd56c8ae72e0fba5e2e682387b69bb
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
38097a16c77a6e721bce733d49b1c4a1275a6b1f7d99592fce34e55589a74e0f
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
3a7101545eb3836cdf8a5f8a89a19a950b28a6e5459551f933467d2e46e83d59
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c194ef9dbec4dcbd08cd14e2a2ee0f88368e8ca11b6c6600cf47019d16680c9
3c1db9f3ea4dc10e3fae7955e420e07aaea433796fd1b77406d1b0bb87e5c339
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44f07f8c8a8443be7f8461bcfeb542cdf4e4981e23754e37cc9029c5178fa36c
44f3478b38f387fd6a818b63f5532b06a88c629155dbfeec6dacb641ae767a89
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4dd1bc8c3bbfae7db006e320e7520f8fb9d0adfa2e44d60ee27ab8fa60b9bb4f
4e62a25bbe80c2c3495b491dbae49e52bec35832f5f972d979f20d3edd4bf0b3
4f0084f8839351f6c2fae7a8bce65d36791ac1407ddf8cc5be44ede8c7236a66
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
528dd1abab95a4de5c90dbcb08d548bfb26e981c65608e19db72b94173bc2aab
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
52ec1913f5c3f1153e6b9ad097abb493e1c8ee9af3102d665140e167c4f9e905
5410e29b53446481ffb749785230d727bd8f0d2a550ada2917e6e48cbcab750e
54454965d9ba364aea2c945becc31098cbb1f229ac18618cd3d8b4435116b07b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562b8e0ce7a2bf9d03946e06771ca9506d12bbcfb4e69556c92e17a96f692661
56632ce9af08a52c54ea94221516828a378b9e52f1e92eab33ec3c8b0ac55d9c
5dd410709bae1932e5792fa6293a66651913a23e33e3cd893eec2c8444bb9bb0
5e6c9c2921f44437f64c2f7a7b6303aea74d0c4b6e4e7e820baab3534c211536
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60f7d9e733c57736d0716890a4ed5e01da2355ed21d4635deea15436bb5762e6
61904ab5b4c05d3b66f86f5851f5fbb7eb81a81fe6e17b51bb8667fcce64b2ae
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7484befc556b76b2da474fc9af0f8ac34a97d18a5ef62b9f7c4ea79e47bd29ba
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
7684143ee568b9ce13d69133030aa4077efd37eb289bac09d70ba9364f2ae93e
781435863bd553fd2673b10b1dda8faad16ba7f9113560d4a9815615b8ddf5cd
787907c7ea70ae6e6914f5c248a4cbdace5e917dae70484a1beae760a3c7bfc0
7923a3da2630ae9e964c387bb82a9fb9f0d64aad95dbd62a6ef71ccbad7572a5
8015ce43c26e3e1e4854a7c2bc17a66aa1daad9425701373176ae4a7ae93a806
828d3c51f5dce80f8d9d0c02921a9e8c4dec98eb9a3f3d91edeee0d6d8721bd5
8290d97b04510b940ddca9f2aea802eaafb36fc7a8f52e4466ed2b77db35c632
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a37c9bbe8dae0a71e95a0e6401bd5d9576a2b0e35295e640c2d807f9b4424e
83d2a73d48827635a1a8c2a65638d0306fcd6ea21ffb3b8af7730260fa44720b
848bff46ebf6d2a23dec54d42d188f3e24531a483903ac816faf58ada7f0a97a
87c45fbd9445b4c8eb070c1fda1f5507515857c593fe5fb5041438b063171231
87cdc9a4af3ce62dc6e491a4a393307f40a3c90bbac8ada4baafff7390775b8c
880b54918b4a62ebf033b5063c0398a2e3173533c69e87aa7ea9ad8af6b9ed72
8a8a44e9e4543644eaa2a59c8f663a292b90083a92d8920cc822126c3d617d7c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8f697bebb4e19ba9555b4597fd8983a90db7bd1c9eba02e8611a4c6714f13568
8f85e51a2f3c094fe6816857f185ca3f81647b4a74c6b06dd0df82e1d7455771
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9106df425157d837db9798b2b26f25f27f9a4e803f2fb0b2851c88492bec14fd
949102928c429436142e2d8a9c089b01787ab2dc75e093c9bbb09859309504cd
97a8ac3778e546a6f181085011be6050889e44dd212ac3e9782389f0b853c23d
97efd5a94a2d67afa75efa92498d135a5a117caa8efcd3e2b5763e6e3b28c69b
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99ec1b27528b2883154fd166e11c3fa740d28609937a1a0287d95674ea99c2bc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ece6a12ba89a5b975507bb9faa01f34749181efc2eb4949236d280d1866d73d
9f1319fe5f6d77d330e39f831211bcdef383ee3197592a6ccef114656034bb2f
a19902458ab4a5513642a87b381b9183a2fc725849b581fd953e22d824d1c5a7
a2386bed610456b6b0ea580ab4d6aa38ab95ea017bcfc4419021c4078da14f32
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d3c607ab3e7ec9cfdafac89c91e4ee58d991ddb33e312950f4e8f0c6ad20ba
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7cac69ff4c7b905552b1915305ba548a87acdf6205efe6e5bd1eef0d4700793
aea51991e427dca23a8d136061b8b138995e5ea83ab9d4f17a59e11b97364ebf
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3105908d85e5136b409669ee0615fcd3b289a8cef67dc3e2fd77fe7481775e2
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b49d2eb7d1b30782d7f7fa067a209344fc9f6f40372fcbd9142a747ec1fd5fc9
b5b7440eb01b4db530c8b12650e39b4a3bfb1b49b7518c76b08bb6e8b8434a2f
b6697faf35b2328b83d385e42b1502d434b5b53ae1226e4ba92b8610928625e5
b73e6cb22f3ae22bcbe36217e226c082f813a2a8a7961644093d849bcbd30294
b975dd67ba6c1a449a5a92e610e1ade2d7cf676ad6f2a14ab73ced78e7b1c7dd
bbea15cf6ac1ee08302365e8e0835e5a3097e4ea0b7c55fa6830cec971731c4c
bc49bc82a8b23f5de839debe3857f37e029aec862ae557c31d7a956fb4f7209f
bda7ca8f41eff8fa6f22aff11abcd70f643dac745d9119969c3ef377ec111536
bf6e25f34351ebb993bf0294c7bb378eb4a73bcfa2051badfa2bac8eaafac543
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24a5f38b09c4a69bf65e67ac04ac06715fd5274e2f7177cccfa81464cbb3fb4
c3481fbb99448440c24cc5c6d452b6c2e3450f471d69cc31269ffe9a05964fa9
c34932eacf962fc4d03686c475cc0ebaa128f318e56e2e825674f1b0aa467694
c3a8782bbe8cd0610acc3f91da27e1d89a86cb7049fd4146a833f0518c112ec3
c657929c08e535f72cc118885295afac872e1a4b96a5d16783b694e78b004c58
c86d8bb13f5159b51509118253d40b69616a4a54b7a24d9c08f727eaf3ef9e46
cb39f92e7e593a29bd56ac7314addc94403181f5e26ab5850ad9570e5137b94f
cc37fba2e98f49c4d9551f72176d3aff72eacd798e5e85436837847e6b967c36
ce1e17725c0565bbdb0d7342bd669fea135d89a610c5f1c9ae7d0eed5e118267
cf3f11d9c55e5f98739b101a43f846f0df4c3d544f055c36b4608436c7cac1b9
d288da41eb580ce3f4075064fe0b45acbc86af0cd7b83ccf4e83d1095e6365c5
d2e31a1e3b6873caa1a5d66dba90568ab55b9362d642c2a36847066633d62ff4
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d7fc505653c3573f9bccca93a33e2ed14bd8b4586bdeca9180225dab01f1bbbe
dbb464c5f6c169916d1692acb28b733ade8e825766d64affdb247c3fbcb8ddf6
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
e223126243107bdbcec419458b664dcd9a1af7c69c432115828919adcd30d3eb
e2db1774aabd2443e6c741954f5e1071912a7a99f6e4151bc83d342554976d32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d7ad9f57f6cfab7610b8b0855c7937f5ec119be17ac6cf6377553c5e735f98
e789dfccc41e0358edc814096859e1c1d240bf4777a608b8fce8d225546ded81
ebc9d9a64fe0dcc52fe330bb52ea9701a4cf717dbd18b4e6f4e736fe5e45f872
eefa070b842b12414072c20adb55a82e3c980a2a94a0a20afe132fd4288be4c8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f670c1ad9fafff4387b4474fda0e68b090c975ddc416cf9f2aa64f50e1a4077c
f67546729632b52901b2bb08d4d967aaed6e9d43387faa32ad8845f4f2361a5b
f6acbb5e4427f85f7e3c06e2a18662827afff06e46875100bbc31132453793c2
f88fb5ef8aee1546ec340bb874ee6360f0bb16c2d35f50611a93ac561d40aaa4
fad8cc7d4d78c6dcc53540839b24f5fddfe5f8b393a5a8d9656312dcab3a4b8b
fb51fa018c951108a66acf0730199d329d887872947eb3940088ef734f026818
fdfa393e5fb39c4ab607d817e8d0b5fe3573a4a2e3e8554131fbade8d615bcbf