urlscan.io logo urlscan.io
SecurityTrails logo

reurl.cc Open in urlscan Pro
35.185.130.121  Public Scan

Go To Rescan Add Verdict Report
URL: https://reurl.cc/gaOWLp
Submission Tags: gc
Submission: On December 08 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 59 IPs in 5 countries across 45 domains to perform 228 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 116978.
TLS certificate: Issued by R3 on November 18th 2023. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35.185.130.121 15169 (GOOGLE)
3 151.101.65.229 54113 (FASTLY)
5 34.149.98.30 396982 (GOOGLE-CL...)
1 151.101.129.55 54113 (FASTLY)
1 172.217.175.72 15169 (GOOGLE)
5 18 172.217.26.226 15169 (GOOGLE)
6 31.13.82.36 32934 (FACEBOOK)
1 35.244.196.223 396982 (GOOGLE-CL...)
32 31.13.82.7 32934 (FACEBOOK)
3 172.217.175.78 15169 (GOOGLE)
1 34.117.23.234 396982 (GOOGLE-CL...)
1 172.67.150.31 13335 (CLOUDFLAR...)
1 104.17.238.194 13335 (CLOUDFLAR...)
1 192.0.78.25 2635 (AUTOMATTIC)
1 61.216.47.122 3462 (HINET Dat...)
1 35.190.31.54 15169 (GOOGLE)
1 99.84.133.103 16509 (AMAZON-02)
1 192.0.77.2 2635 (AUTOMATTIC)
1 192.0.78.236 2635 (AUTOMATTIC)
2 216.239.34.181 15169 (GOOGLE)
3 64.233.187.157 15169 (GOOGLE)
2 142.250.206.195 15169 (GOOGLE)
1 182.161.74.1 55569 (CRITEO-AS...)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 18.65.185.102 16509 (AMAZON-02)
3 142.250.196.129 15169 (GOOGLE)
2 4 172.217.26.228 15169 (GOOGLE)
2 182.161.74.11 55569 (CRITEO-AS...)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 13.215.134.10 16509 (AMAZON-02)
10 172.217.25.161 15169 (GOOGLE)
8 143.204.126.44 16509 (AMAZON-02)
4 142.250.207.2 15169 (GOOGLE)
24 142.251.222.1 15169 (GOOGLE)
6 142.251.42.194 15169 (GOOGLE)
20 142.250.206.226 15169 (GOOGLE)
1 2 35.72.69.55 16509 (AMAZON-02)
1 1 202.233.84.8 131957 (MICROAD M...)
1 50.116.239.135 6336 (TURN-US-ASN)
2 142.251.42.202 15169 (GOOGLE)
1 172.217.161.67 15169 (GOOGLE)
5 34.98.64.218 396982 (GOOGLE-CL...)
2 116.50.36.71 18046 (DONGFONG-...)
3 13.231.14.23 16509 (AMAZON-02)
1 34.95.67.231 396982 (GOOGLE-CL...)
1 13.230.11.166 16509 (AMAZON-02)
5 203.75.214.136 3462 (HINET Dat...)
1 3 35.201.76.93 396982 (GOOGLE-CL...)
2 35.227.249.156 396982 (GOOGLE-CL...)
2 2 52.223.40.198 16509 (AMAZON-02)
1 1 124.146.153.160 2514 (INFOSPHER...)
2 2 99.84.133.64 16509 (AMAZON-02)
1 99.84.203.45 16509 (AMAZON-02)
2 54.95.167.198 16509 (AMAZON-02)
9 44.233.91.192 16509 (AMAZON-02)
2 142.251.42.195 15169 (GOOGLE)
3 35.162.61.47 16509 (AMAZON-02)
2 142.251.42.162 15169 (GOOGLE)
11 23.36.100.19 16625 (AKAMAI-AS)
1 204.79.197.204 8068 (MICROSOFT...)
228 59
1    35.185.130.121 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
3    151.101.65.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
5    34.149.98.30 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 30.98.149.34.bc.googleusercontent.com
storage.reurl.cc
1    151.101.129.55 (United States)

ASN54113 (FASTLY, US)
anymind360.com
1    172.217.175.72 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s20-in-f8.1e100.net
www.googletagmanager.com
18    172.217.26.226 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s51-in-f2.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
6    31.13.82.36 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-nrt1.facebook.com
www.facebook.com
1    35.244.196.223 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 223.196.244.35.bc.googleusercontent.com
storage.re-news.tw
32    31.13.82.7 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-nrt1.fbcdn.net
connect.facebook.net
static.xx.fbcdn.net
scontent-nrt1-1.xx.fbcdn.net
3    172.217.175.78 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s20-in-f14.1e100.net
www.google-analytics.com
1    34.117.23.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.23.117.34.bc.googleusercontent.com
asset.re-news.tw
1    172.67.150.31 (United States)

ASN13335 (CLOUDFLARENET, US)
img.gbyhn.com.tw
1    104.17.238.194 (None, )

ASN13335 (CLOUDFLARENET, US)
mma.prnasia.com
1    192.0.78.25 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
creditcards.com.tw
1    61.216.47.122 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 61-216-47-122.hinet-ip.hinet.net
img.racingcharger.tw
1    35.190.31.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.31.190.35.bc.googleusercontent.com
www.rayskyinvest.com
1    99.84.133.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-133-103.nrt57.r.cloudfront.net
static.wixstatic.com
1    192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com
i0.wp.com
1    192.0.78.236 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
blog.alphaloan.co
2    216.239.34.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
3    64.233.187.157 (United States)

ASN15169 (GOOGLE, US)
PTR: tj-in-f157.1e100.net
stats.g.doubleclick.net
bid.g.doubleclick.net
2    142.250.206.195 (United States)

ASN15169 (GOOGLE, US)
PTR: kix07s07-in-f3.1e100.net
www.google.co.jp
1    182.161.74.1 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    18.65.185.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-102.nrt57.r.cloudfront.net
tags.crwdcntrl.net
3    142.250.196.129 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f1.1e100.net
42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
4    172.217.26.228 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s51-in-f4.1e100.net
www.google.com
2    182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
1    13.215.134.10 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-215-134-10.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
10    172.217.25.161 (United States)

ASN15169 (GOOGLE, US)
PTR: kix06s19-in-f1.1e100.net
cdn.ampproject.org
8    143.204.126.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-126-44.nrt20.r.cloudfront.net
cdn.holmesmind.com
4    142.250.207.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f2.1e100.net
www.googletagservices.com
24    142.251.222.1 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f1.1e100.net
tpc.googlesyndication.com
6    142.251.42.194 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f2.1e100.net
googleads.g.doubleclick.net
www.googleadservices.com
20    142.250.206.226 (United States)

ASN15169 (GOOGLE, US)
PTR: kix06s10-in-f2.1e100.net
pagead2.googlesyndication.com
2    35.72.69.55 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-72-69-55.ap-northeast-1.compute.amazonaws.com
fw.adsafeprotected.com
1    202.233.84.8 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
s-cs.send.microad.jp
1    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
2    142.251.42.202 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f10.1e100.net
fonts.googleapis.com
1    172.217.161.67 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s09-in-f3.1e100.net
www.gstatic.com
5    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
jp-u.openx.net
2    116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)
cm.lndata.com
3    13.231.14.23 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-231-14-23.ap-northeast-1.compute.amazonaws.com
cm-dev-poc.holmesmind.com
1    34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com
fcm.holmesmind.com
1    13.230.11.166 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-230-11-166.ap-northeast-1.compute.amazonaws.com
fcm2.holmesmind.com
5    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
d3c85ad0-b1e8-4080-87aa-620fb87a02c1.t.ssp.hinet.net
3    35.201.76.93 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
2    35.227.249.156 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 156.249.227.35.bc.googleusercontent.com
m.holmesmind.com
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    124.146.153.160 (Kakegawa, Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    99.84.133.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-133-64.nrt57.r.cloudfront.net
cr-p3.ladsp.com
1    99.84.203.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-203-45.lax3.r.cloudfront.net
static.adsafeprotected.com
2    54.95.167.198 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
9    44.233.91.192 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-233-91-192.us-west-2.compute.amazonaws.com
dt.adsafeprotected.com
2    142.251.42.195 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f3.1e100.net
fonts.gstatic.com
3    35.162.61.47 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-61-47.us-west-2.compute.amazonaws.com
ads.everesttech.net
2    142.251.42.162 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f2.1e100.net
googleads4.g.doubleclick.net
11    23.36.100.19 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-100-19.deploy.static.akamaitechnologies.com
dco-assets.everestads.net
1    204.79.197.204 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0005.a-msedge.net
analyticspixel.microsoft.com
Apex Domain
Subdomains		 Transfer
47 googlesyndication.com
42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
379 KB
29 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 953
scontent-nrt1-1.xx.fbcdn.net — Cisco Umbrella Rank: 183638
604 KB
27 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
bid.g.doubleclick.net — Cisco Umbrella Rank: 840
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
277 KB
20 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 132288
cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 171925
fcm.holmesmind.com — Cisco Umbrella Rank: 210108
fcm2.holmesmind.com — Cisco Umbrella Rank: 154750
c.holmesmind.com — Cisco Umbrella Rank: 107592
m.holmesmind.com — Cisco Umbrella Rank: 190604
ad.holmesmind.com — Cisco Umbrella Rank: 104322
127 KB
12 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 900
static.adsafeprotected.com — Cisco Umbrella Rank: 602
dt.adsafeprotected.com — Cisco Umbrella Rank: 567
108 KB
11 everestads.net
dco-assets.everestads.net — Cisco Umbrella Rank: 6438
96 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
207 KB
7 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
us-u.openx.net — Cisco Umbrella Rank: 491
jp-u.openx.net — Cisco Umbrella Rank: 15595
2 KB
6 google.com
analytics.google.com — Cisco Umbrella Rank: 152
www.google.com — Cisco Umbrella Rank: 2
1 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
49 KB
6 reurl.cc
reurl.cc — Cisco Umbrella Rank: 116978
storage.reurl.cc — Cisco Umbrella Rank: 432247
6 KB
5 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 84860
d3c85ad0-b1e8-4080-87aa-620fb87a02c1.t.ssp.hinet.net
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
255 KB
3 everesttech.net
ads.everesttech.net — Cisco Umbrella Rank: 6344
24 KB
3 gstatic.com
www.gstatic.com
fonts.gstatic.com
86 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
141 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
81 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25818
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
716 B
2 lndata.com
cm.lndata.com — Cisco Umbrella Rank: 161265
940 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
7 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
13 KB
2 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 26283
515 B
2 re-news.tw
storage.re-news.tw
asset.re-news.tw
435 KB
1 microsoft.com
analyticspixel.microsoft.com — Cisco Umbrella Rank: 6369
673 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
846 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1349
398 B
1 microad.jp
s-cs.send.microad.jp — Cisco Umbrella Rank: 17722
527 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1352
5 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
13 KB
1 alphaloan.co
blog.alphaloan.co
181 KB
1 wp.com
i0.wp.com — Cisco Umbrella Rank: 3858
107 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 5797
248 KB
1 rayskyinvest.com
www.rayskyinvest.com
612 KB
1 racingcharger.tw
img.racingcharger.tw
185 KB
1 creditcards.com.tw
creditcards.com.tw
48 KB
1 prnasia.com
mma.prnasia.com — Cisco Umbrella Rank: 534895
20 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
401 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
92 KB
1 anymind360.com
anymind360.com — Cisco Umbrella Rank: 20760
42 KB
228 45
Domain Requested by
27 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
24 tpc.googlesyndication.com reurl.cc
42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
20 pagead2.googlesyndication.com 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
pagead2.googlesyndication.com
fw.adsafeprotected.com
reurl.cc
tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
12 securepubads.g.doubleclick.net 1 redirects reurl.cc
securepubads.g.doubleclick.net
www.googletagservices.com
11 dco-assets.everestads.net ads.everesttech.net
dco-assets.everestads.net
reurl.cc
10 cdn.ampproject.org securepubads.g.doubleclick.net
9 dt.adsafeprotected.com 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
reurl.cc
8 cdn.holmesmind.com securepubads.g.doubleclick.net
cdn.holmesmind.com
6 cm.g.doubleclick.net 4 redirects googleads.g.doubleclick.net
google-bidout-d.openx.net
6 www.facebook.com reurl.cc
static.xx.fbcdn.net
5 storage.reurl.cc reurl.cc
4 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
4 googleads.g.doubleclick.net 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
pagead2.googlesyndication.com
reurl.cc
4 www.googletagservices.com securepubads.g.doubleclick.net
42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
4 www.google.com 2 redirects reurl.cc
tpc.googlesyndication.com
3 ads.everesttech.net fw.adsafeprotected.com
ads.everesttech.net
dco-assets.everestads.net
3 c.holmesmind.com 1 redirects cdn.holmesmind.com
3 cm-dev-poc.holmesmind.com cdn.holmesmind.com
3 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 www.google-analytics.com storage.reurl.cc
www.google-analytics.com
reurl.cc
3 connect.facebook.net storage.reurl.cc
connect.facebook.net
fcm2.holmesmind.com
3 cdn.jsdelivr.net reurl.cc
dco-assets.everestads.net
2 www.googleadservices.com reurl.cc
2 googleads4.g.doubleclick.net fw.adsafeprotected.com
2 fonts.gstatic.com fonts.googleapis.com
2 ad.holmesmind.com cdn.holmesmind.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net google-bidout-d.openx.net
2 us-u.openx.net google-bidout-d.openx.net
2 match.adsrvr.org 2 redirects
2 m.holmesmind.com cdn.holmesmind.com
2 cm.lndata.com cdn.holmesmind.com
2 fonts.googleapis.com 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
2 fw.adsafeprotected.com 1 redirects 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
2 oajs.openx.net 1 redirects reurl.cc
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 www.google.co.jp reurl.cc
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 scontent-nrt1-1.xx.fbcdn.net www.facebook.com
1 analyticspixel.microsoft.com reurl.cc
1 d3c85ad0-b1e8-4080-87aa-620fb87a02c1.t.ssp.hinet.net cdn.holmesmind.com
1 static.adsafeprotected.com 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
1 bid.g.doubleclick.net 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
1 tg.socdm.com 1 redirects
1 fcm2.holmesmind.com cdn.holmesmind.com
1 fcm.holmesmind.com cdn.holmesmind.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 www.gstatic.com 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
1 d.turn.com googleads.g.doubleclick.net
1 s-cs.send.microad.jp 1 redirects
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 blog.alphaloan.co reurl.cc
1 i0.wp.com reurl.cc
1 static.wixstatic.com reurl.cc
1 www.rayskyinvest.com reurl.cc
1 img.racingcharger.tw reurl.cc
1 creditcards.com.tw reurl.cc
1 mma.prnasia.com reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 asset.re-news.tw reurl.cc
1 storage.re-news.tw storage.reurl.cc
1 www.googletagmanager.com reurl.cc
1 anymind360.com reurl.cc
1 reurl.cc
228 70

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
www.comptw.com
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R3		 2023-11-18 -
2024-02-16		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
storage.reurl.cc
GTS CA 1D4		 2023-10-14 -
2024-01-12		 3 months crt.sh
anymind360.com
R3		 2023-10-25 -
2024-01-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-16 -
2023-12-15		 3 months crt.sh
storage.re-news.tw
GTS CA 1D4		 2023-12-07 -
2024-03-06		 3 months crt.sh
asset.re-news.tw
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
gbyhn.com.tw
GTS CA 1P5		 2023-11-20 -
2024-02-18		 3 months crt.sh
*.prnasia.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-11-24		 a year crt.sh
tls.automattic.com
R3		 2023-10-07 -
2024-01-05		 3 months crt.sh
img.racingcharger.tw
cPanel, Inc. Certification Authority		 2023-10-22 -
2024-01-20		 3 months crt.sh
*.rayskyinvest.com
R3		 2023-11-04 -
2024-02-02		 3 months crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA		 2023-08-03 -
2024-01-30		 6 months crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-11-28 -
2024-12-28		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.co.jp
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2023-05-19 -
2024-06-19		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.lndata.com
GeoTrust RSA CA 2018		 2022-11-23 -
2023-12-24		 a year crt.sh
*.t.ssp.hinet.net
 2023-04-06 -
2024-04-06		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
*.everesttech.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-06 -
2024-03-08		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.adobetag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-24 -
2024-08-23		 a year crt.sh
analyticspixel.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2023-11-01 -
2024-04-29		 6 months crt.sh

This page contains 25 frames:

Primary Page: https://reurl.cc/gaOWLp
Frame ID: 2A0FB9C15E5214413AB8D088467A76DE
Requests: 47 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: 96E7317B0651FFD84DB791B6FCA47239
Requests: 37 HTTP requests in this frame

Frame: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 208F01E16D138C83938FD5E843ACEBD8
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Frame ID: 20AC58D46BBC422E7D38523A96136838
Requests: 2 HTTP requests in this frame

Frame: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3CDD75ADFA985A099E4A682307C6A7E3
Requests: 30 HTTP requests in this frame

Frame: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 47C7C8CA40A578BE9F845B643920735C
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 6F787E05A8C13CA8E394ADF136175119
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 570F95DBD807D9D42F863858AEB506EF
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstT0uhCG1DRryOqplzpE8uMH_xl5zOLCqeKZViUASx5-_PK4CrXmMrj9tkVKLExDPxtUY-MN4ZJHgutSls11jXAOzEywThT_cUwjOm63T1yLFoKdchvwGORgfP9sQpPJ5dQRBoeDOc2z9429wrU5sAiZMkpvi4sU_Zu_ZNLD9yOhD-g7Go4ofuMsF5z1hi_mUXtShgHlTWeDtrVNlFg4WFFZcRf_Ey6GPHX-1okOmhFzRKR7rslX0Rm4TOWMwakZB8SpBl5XDEWWm2IDA4Vg3fFk79P0b0ecKKglYj70NJ9I4zmuA3n4v_9wkjstS-L16SFBWw8A0JPE4TNPaxdC33zS7xqJFdAckkiMdxTSanfaATJLnbJbQ0-jf3mESjX&sai=AMfl-YSzWZKLQJcCtScPIuyMmED8aN07ufnKnprw6wy8WGgDBPWwgJp-qEicgbzwWGrDlMX3gKlYuRA3RilX-YZkqyhcpIK1RkmXsxWfk504uVwlsFoT4VByKcdB7MeJBuaFiIQsF7MAiJloOuthtw9U70S-Ld5TmKXgpPKpBQ&sig=Cg0ArKJSzJ8X_B_gcERdEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 045A5AE70D45C70306F2F9A2CA278BBA
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYo-sAftmbj1ykmxJRmH7FoNdK89n6iUJARwhnCNBdaCh_q-W6UGRwFYj2lWyvtcr2psGXHPFHIG56wKxFXVtyNetXhPfI5K1g1OSWd9lgc8kudk1W-I1nxlZFT4I-ca-2eIyLaCHIxu5b6vAl9aNf-KCIwxx2Yx6m8RzJbq1TyYT63uP4odLk0btSWxiy7X0rT2esmHMe_lPIv8xII4zhUlvD0A0GhbUyAt68CiQp1iAjsFtw50R7DLvGLExS8f0XX3ho9LFdWZ3NBBArmQunqLT-8EoMxDCkonqR24T0Qtauj3xnXkpVBcpm0w0jtldneQzNtxebTWjQ3lKwY3b4wzTMrNlhKYFU8nOlLsaZZ_esyg_vW8pu_ntfFRJU&sai=AMfl-YSkvmZqbl-KWa4gPPyrNzuqfiAzIkloIPvIwkk5ZqKZLLxFySZV73itID0a6rhydNnooccVaBr--pEzP7ZSfOV8aRKBAPFZ7b02V9aY_sO-dyIryzPKivx0EfCzT32jjI03llx6Ad4VNRUkheg726dXE5ocVEghW_KJnw&sig=Cg0ArKJSzGRQPs99eiV0EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 99C9AF4B953A38B59215134AF653EB35
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY6_iq7gEwAQ&v=APEucNXefie1hFpZml3k-lZUELyIEUfQkMYN5MvPOBS7VlTTHiKaxJOTKlIqn-SxHlatChFyMyj_QVTdmQD2oAncKT6Hswgpuw
Frame ID: 89609527276EBA875245C61B72C882B6
Requests: 3 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 050AB99650788ED157614BA554C8FCA6
Requests: 12 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 3D093D7D9CD3361CE965C5B3C19105D3
Requests: 3 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 14D423CF0D993D31B1A4A8FA739EF0D4
Requests: 5 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 321012FD64CD907EBDFD2C39D52ECBC9
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 468081F34F9420764BC0102B8BA9CA1F
Requests: 6 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: B24BE409B55CB227EECB8BDFD1AE9427
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: FD30C051B417B3ABF603E2439DD1E28A
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 9C1001F4CC6696B25BDCD296B6A1F3E3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: AA4FF9C4615216FFCB0BDD5D325F58B6
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 2869D9866F4E4D2315A0455AF5E6E5C3
Requests: 1 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZXJeCwAABJp7PUEz
Frame ID: A9AAA79FEB3FB52FA069BC7908ED791A
Requests: 2 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
Frame ID: 8BA6A8FB5C53C8B6CB78B3C2711DE2A7
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 85DEE0360C9C5C9A86A67281A9974C4D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4F1B4E82199A45A6E52EDCD4A90BB66C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

縮短網址產生器 - reurl

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

228
Requests

93 %
HTTPS

0 %
IPv6

45
Domains

70
Subdomains

59
IPs

5
Countries

4889 kB
Transfer

10052 kB
Size

49
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
Request Chain 112
  • https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Request Chain 113
  • https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEFFN8PpZtvbHKr9zIM081QA&google_cver=1
Request Chain 134
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 135
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 151
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 152
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEN5HWQ_fjoRMl9aKdPhDCrA&google_cver=1
Request Chain 154
  • https://match.adsrvr.org/track/cmf/openx?oxid=85a62931-7f68-745a-da5b-ae72cfa81247&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=85a62931-7f68-745a-da5b-ae72cfa81247&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=115a1572-be2c-466e-bc9c-f4f917af2091&ttd_puid=85a62931-7f68-745a-da5b-ae72cfa81247&gdpr=0&gdpr_consent=
Request Chain 155
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXJeCsCo8XUAACUawgMAAAAA
Request Chain 156
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWASAV1TJawXks8AEDt7OFXGtc8AAAGMRr9ZKw
Request Chain 158
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEK6w-hqhRh6QQrGBpVvM87Q&google_cver=1
Request Chain 159
  • https://fw.adsafeprotected.com/rfw/bgd/1525516/72173819/xbbe/creative/adj?p=APEucNVxb0Inxa-pdiAUZ3uI4Uslwmul_yp1zp8gP0BCIi2k274p0Ho&d=CokBAKAmf-AdcftcZmddB1x4WQ0VvZGDlV0Ax049KrCuwhgsUjDlnaBC0qFAID3DNXsoXy7kJqYVwOeGiKAyYskMwwM6Wdgyyw5aDkqCbIBuvJTkoTAdm1Swd9vOi-e3MD-AI_Xhk_JpiA2SOVt4Oy3Sq9SHpIGdYaeAKR4BaaY_SMDW35IZZIRdtHUSyRUAoCZ_4HMV7QBc1otR3C1HmCBWkh9ThUf6BsVZ-fZGs0pfsW4q8gUMg4y1PVUHor6PftKkXkMQuGD10m8s1rkH1sfavOWdCi4nHz4jqUOly0zasfyKS6aVqJk_OB-SmRQRpIQ7u5Kzmoi_T3mG78QKA24p0O6NRXEgRQY0nDiZO0J5A55Hc8ekSjjLEJg8eYbv2gkLmSi5IBGScIaoRrwccPg0FZpcg923UqzKtmPL4c_gx9l_D-tbq8Rd8EqXadFs2bCrvQbLDzBczgHU2l6McfPloUsMHddSzLAPLU5LAl-lAX6xNpxeqkKC1Y7RXAxNXD2cMDLw3kvuGNH18EZFpkdcw1uXww32PJmq-9RdepA_8_-4YUK00lY8QW7dgbjeaVNd_zc9nhRXe5xxr8kfAz3i7ZUmQICUAEixTGkA7j-dpxiZjef1gFoip8kjCsNNAMJMyPbD4p0GBrlo6kceP0rhVhuEvudZWDxGRw8seAEHz05VXuynjKElMlqgHndpv6nOsxjXf71jwybglU3tvAsoYw1yKfWb-PoEWw1j0Z5lgNLcCEorS2HbRsKItGFroFK9DOZ-X6vWXfKeTMDtWl4_WjVDroBpnLhP3i998ih3Qd612E_LzF99v2rwhHB5WatLJKHqzCLsCbnK71eHXe_yR5BIMjVmtxMjy70ZT_GPLlE-fvmTH_uLY7XGQ52riKGl_I09JAzFGrJHGnLNjDhQvZRR0r-zm9mfJaQpQH2D2qqrdxSbxwiEKuE-yywkQa7mMStMB0f7qPQU4Cz9jgWbVRnNIomMoj7GRh8OuXQ1zpZ8nyiHg97S_ilAdslhOTkErJZncZ4ZlwDMdO83-75UcssZNczAqQyCVec5qMdIfkeXVlVh2PbOlyqLUwwwQBvEMiRNCeV5kz7Rm7b6ov8ZvrTKFlALZn-fR6y7wuYP4uU4TnDlYPVo11czN8qH4PF-EiZ5USVR0N1gntfpRQusmEUGiJrgEZBbAUAfEBWD_G-5Vt2wzH-_2sq4Vuw84PLjbdepEksZ_fdUQlN29AAKEztkvzK0fLwy188lFebAVo-Hvi48bRHex-0Ta6GGVGRpaxaCcnGP_bKETPeImT2MpffTz1Tay6nEPnIQNW5RW0DvRzTZiNv27fDw07tI3AvyYsWLklDa0aQvuWt8xTz-fi0FoHb0e4nRTrmR4i2Es74JXR_cBq5KXvvPWXh56ocmVpjt14eB11WIJKc0NfZaoFe06xswJROpNLE7-mWPUnT-c8rvUMJ7T0t0_YAA9YOUD_qidCL28WvCeDnGmqVTSn2f3neCRqZ6D0u3Vtcuuwa_SkTeSMTG40ePyZvrptSvuneMknnT8uAhr7QXjqdP2pkuaNPID93uiWm08EHhrPQcmhnhpce2kI2sZ5NwYn-SD6myftO9KgcShcWPpyYH-RDeOjXmpFZmfkizWbmYBksGF7lHvwwJGTm8gRKtudhxNCrzW0mdytFy7skcV7jITdT884sFXKacstTyFasMFUtACijnAmDeYvgsmgc_LxqHWC1cAhmTKZ2u87bLAYtqjehNl3uoLg1q2iS6b2i21Ysm4fmYK5igLDlfAKzI2HfHdK7FMzxrMJY-fR_VUZ2sXFUDyiDd5zZZ2ttKtST3A_fVyqa5tOovwn1xETjH3oBU5xjXXAuY2g99EdyK08b9B4CPeO_xwmRJtkqmSztOCkuxS5aPNaBAhiOxBJ9zyp2eQhipNH4Dua_I1ypZBp1dzBAlA2dhSPUriWPy1KOyxpCqIKuqc5Mfp9OHv1CnC86d1oE4GZUO-uGdf02SY48KIDzRcMw24u-J7b2tqtHBtzTnhIfOBoJDS7XeU4wRny21AAh-GGvwte9w6sZN4K-uDz2iZJQ-mvp8x6tNsvFrbKeU4jrS2A4uwUFroeX6RB1sT9yYdkwqzjcMlzgtyvlGX9R1RNxu8ABN2ed4knaD1i0OFNF57lTNGSFJMED_VnPxQ-PvmStiPmjem6p8MWv5ptnWLAm5mzzHhdkXkVbTYoRcZg4dCHYQNvfFY3YYehqd67pleQCz62D8T65Rs-makazkYlR9lbAaHYHCIg2Da1CnxATYQ_drCORzd8YV1VI7_jPxWABwusu_d6Ln1STMihO05J4vbTY_8gb8wyvTUqpmTUWROcHr5emzRgCtfOqK-nu417H2TZoVVGMoVz-l9OhiZigOwZ6aGpeM2-_bd5mqjvXOaDYE2qVJS60sG2qqL6cpyS8hqaBXRXO8syW8lL2SzYPuL-6OXTWIBLaoFZw3sSiiJypkAiyl1npl1rNalvl7vOvaA9r3qUhD14oOHNwJtZCEBkHifwB34J6jqNJebptrFffHBu4nzonJB-cRyezeP6PJjkp8W6bE3OUpGHewdFUPFy50L6mEaOyxEmDJfPuq6Hkl-3JplzKjbHHyhr-Rp-Ex7lHT2L8-YbKyW4gn7U523cyioi208C0rhvwoubh3BtKBTLmlZMyJRQkUMVYHh1lUmzD4os9P1_feAylOdxMDxa0OO0shkvrrVFbIVJMemCCfuFpsBdQgaVYf0bBQa2VrclHYGZHNE5fbW7kprvUTgyjZM1mnlgrKs61XKfZ2dUMBVn5DRFp_OZLtqebfxQ2_qQREmYKYsD6IEBuy-yZdxIaBch1pUgYAmjkVKSQtOHBPtP132kt2Kx0sKAZ9ud_CzFWT_DYngrJ_0vqOzSZC3zvSBTLq4Tyu4dCOqlG10kODSy_X_lq2Qu1iUnypDyoGssiPdxW4_KxWcvzlhKU0g_uAN_V9DhPMwa9cxwy-GwWF6jHD1Ed5810m2l8X6McqlKbT7KLRav0uefk2jDuIUX28T70VW4qRT1sEWe7SA0j3V75kILS3flv9rmEvJw1whQww8o12T4EIYfimZg5A2HeIIoVrwI3V3QpJ3oONUKXQu542svLPBYao40AA_I4lz8mtiGbFj3ciuU8Z-JlzHaEg40WKUvZyzE-41m8BE-BU8y2W13eNcJjy83XJ0GOscxx2pf6hNzwYHS5kK8nJ47OYhum6yYf810sRPauzLFUJS8D_gO3uvdNH1znHTj3djwo-oki7BdYGpIimVWAriLtAc1sQtyoEqMo0Z91KKlEkW63CXwLBb1cLvskl1vjecx9MCMhLbwcFOze13TswDRb3_pTOnsEXOlyaFsZ4JC_9aS0d6NsqcEZgdg6G5i4y8PrKcFVMBTo5FhOXGzRYgB9TyMaRunZzN5sVhOaS1WDLPkC2-GnB8oXZ0ph1AM7t5c9OLswH0QHdIeOB13-wd1nG7oqbGEDBtmjUojLvx3hDNRSanu091mN2u_GePRfqliCeY9coHEXQQ058NEDoRqSaekuNmqztykJiVA4d8Gs6dMwiO8hJoV2a01-2s7Sm7lzXZA4oPFRDTmH9T9YxVSRj2tJOy87goXanozqVPUnRp2X2bhYMGsFWKcaqDTSY5D6s6E_ah53FifeciQeiG03yCsqDFpFFmFSnco_dAaTtW52Kmli9jlqhYJKDHHznlVn69htVJPzV9hBsdj24CzMknkrTZ_Fze2kNFmXn0qZRlBkjT1q1d4SL4ktokyUztLONELMCYBbrLY5YUM3j8ODfnSnQ9LdYxshfNzLN71r8fS4BKGbIRRDGiv_MXF7BBTHoxyqYajPm4utV0wvJGlQIBBJOAMgJpo3ywGHCnmk9gYUVsiyDOfA9ele17NUUjYb_P6gdWN88cuWCB9rsqoAc1OwhvT7gIPQXSg1PHOSvsiy9g7YKEjtQZeeOo4mVYebhGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013075760&ias_pubId=pub-1310852604335254&ias_chanId=1&ias_placementId=20268485269&bidurl=https://reurl.cc/gaOWLp&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g1t5kPMVtXb_bKgZBzGgeF&adsafe_url=https%3A%2F%2Freurl.cc&adsafe_type=y&adsafe_url=https%3A%2F%2Freurl.cc%2FgaOWLp&adsafe_type=e&adsafe_url=https%3A%2F%2F42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:5bf627fb-b17b-1649-df4f-8c5b32ed3ffe,c:wc6PrM,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74989cd8c9-lr9f9,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,fm:tXNLlHh+11%7C12%7C13%7C14*.1525516-72173819%7C141%7C15%7C16%7C17%7C1811%7C1812%7C182%7C191%7C192%7C1a,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:80,oid:a535af3d-955d-11ee-9557-261e33dec9b6,v:19.8.464,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVxb0Inxa-pdiAUZ3uI4Uslwmul_yp1zp8gP0BCIi2k274p0Ho&d=CokBAKAmf-AdcftcZmddB1x4WQ0VvZGDlV0Ax049KrCuwhgsUjDlnaBC0qFAID3DNXsoXy7kJqYVwOeGiKAyYskMwwM6Wdgyyw5aDkqCbIBuvJTkoTAdm1Swd9vOi-e3MD-AI_Xhk_JpiA2SOVt4Oy3Sq9SHpIGdYaeAKR4BaaY_SMDW35IZZIRdtHUSyRUAoCZ_4HMV7QBc1otR3C1HmCBWkh9ThUf6BsVZ-fZGs0pfsW4q8gUMg4y1PVUHor6PftKkXkMQuGD10m8s1rkH1sfavOWdCi4nHz4jqUOly0zasfyKS6aVqJk_OB-SmRQRpIQ7u5Kzmoi_T3mG78QKA24p0O6NRXEgRQY0nDiZO0J5A55Hc8ekSjjLEJg8eYbv2gkLmSi5IBGScIaoRrwccPg0FZpcg923UqzKtmPL4c_gx9l_D-tbq8Rd8EqXadFs2bCrvQbLDzBczgHU2l6McfPloUsMHddSzLAPLU5LAl-lAX6xNpxeqkKC1Y7RXAxNXD2cMDLw3kvuGNH18EZFpkdcw1uXww32PJmq-9RdepA_8_-4YUK00lY8QW7dgbjeaVNd_zc9nhRXe5xxr8kfAz3i7ZUmQICUAEixTGkA7j-dpxiZjef1gFoip8kjCsNNAMJMyPbD4p0GBrlo6kceP0rhVhuEvudZWDxGRw8seAEHz05VXuynjKElMlqgHndpv6nOsxjXf71jwybglU3tvAsoYw1yKfWb-PoEWw1j0Z5lgNLcCEorS2HbRsKItGFroFK9DOZ-X6vWXfKeTMDtWl4_WjVDroBpnLhP3i998ih3Qd612E_LzF99v2rwhHB5WatLJKHqzCLsCbnK71eHXe_yR5BIMjVmtxMjy70ZT_GPLlE-fvmTH_uLY7XGQ52riKGl_I09JAzFGrJHGnLNjDhQvZRR0r-zm9mfJaQpQH2D2qqrdxSbxwiEKuE-yywkQa7mMStMB0f7qPQU4Cz9jgWbVRnNIomMoj7GRh8OuXQ1zpZ8nyiHg97S_ilAdslhOTkErJZncZ4ZlwDMdO83-75UcssZNczAqQyCVec5qMdIfkeXVlVh2PbOlyqLUwwwQBvEMiRNCeV5kz7Rm7b6ov8ZvrTKFlALZn-fR6y7wuYP4uU4TnDlYPVo11czN8qH4PF-EiZ5USVR0N1gntfpRQusmEUGiJrgEZBbAUAfEBWD_G-5Vt2wzH-_2sq4Vuw84PLjbdepEksZ_fdUQlN29AAKEztkvzK0fLwy188lFebAVo-Hvi48bRHex-0Ta6GGVGRpaxaCcnGP_bKETPeImT2MpffTz1Tay6nEPnIQNW5RW0DvRzTZiNv27fDw07tI3AvyYsWLklDa0aQvuWt8xTz-fi0FoHb0e4nRTrmR4i2Es74JXR_cBq5KXvvPWXh56ocmVpjt14eB11WIJKc0NfZaoFe06xswJROpNLE7-mWPUnT-c8rvUMJ7T0t0_YAA9YOUD_qidCL28WvCeDnGmqVTSn2f3neCRqZ6D0u3Vtcuuwa_SkTeSMTG40ePyZvrptSvuneMknnT8uAhr7QXjqdP2pkuaNPID93uiWm08EHhrPQcmhnhpce2kI2sZ5NwYn-SD6myftO9KgcShcWPpyYH-RDeOjXmpFZmfkizWbmYBksGF7lHvwwJGTm8gRKtudhxNCrzW0mdytFy7skcV7jITdT884sFXKacstTyFasMFUtACijnAmDeYvgsmgc_LxqHWC1cAhmTKZ2u87bLAYtqjehNl3uoLg1q2iS6b2i21Ysm4fmYK5igLDlfAKzI2HfHdK7FMzxrMJY-fR_VUZ2sXFUDyiDd5zZZ2ttKtST3A_fVyqa5tOovwn1xETjH3oBU5xjXXAuY2g99EdyK08b9B4CPeO_xwmRJtkqmSztOCkuxS5aPNaBAhiOxBJ9zyp2eQhipNH4Dua_I1ypZBp1dzBAlA2dhSPUriWPy1KOyxpCqIKuqc5Mfp9OHv1CnC86d1oE4GZUO-uGdf02SY48KIDzRcMw24u-J7b2tqtHBtzTnhIfOBoJDS7XeU4wRny21AAh-GGvwte9w6sZN4K-uDz2iZJQ-mvp8x6tNsvFrbKeU4jrS2A4uwUFroeX6RB1sT9yYdkwqzjcMlzgtyvlGX9R1RNxu8ABN2ed4knaD1i0OFNF57lTNGSFJMED_VnPxQ-PvmStiPmjem6p8MWv5ptnWLAm5mzzHhdkXkVbTYoRcZg4dCHYQNvfFY3YYehqd67pleQCz62D8T65Rs-makazkYlR9lbAaHYHCIg2Da1CnxATYQ_drCORzd8YV1VI7_jPxWABwusu_d6Ln1STMihO05J4vbTY_8gb8wyvTUqpmTUWROcHr5emzRgCtfOqK-nu417H2TZoVVGMoVz-l9OhiZigOwZ6aGpeM2-_bd5mqjvXOaDYE2qVJS60sG2qqL6cpyS8hqaBXRXO8syW8lL2SzYPuL-6OXTWIBLaoFZw3sSiiJypkAiyl1npl1rNalvl7vOvaA9r3qUhD14oOHNwJtZCEBkHifwB34J6jqNJebptrFffHBu4nzonJB-cRyezeP6PJjkp8W6bE3OUpGHewdFUPFy50L6mEaOyxEmDJfPuq6Hkl-3JplzKjbHHyhr-Rp-Ex7lHT2L8-YbKyW4gn7U523cyioi208C0rhvwoubh3BtKBTLmlZMyJRQkUMVYHh1lUmzD4os9P1_feAylOdxMDxa0OO0shkvrrVFbIVJMemCCfuFpsBdQgaVYf0bBQa2VrclHYGZHNE5fbW7kprvUTgyjZM1mnlgrKs61XKfZ2dUMBVn5DRFp_OZLtqebfxQ2_qQREmYKYsD6IEBuy-yZdxIaBch1pUgYAmjkVKSQtOHBPtP132kt2Kx0sKAZ9ud_CzFWT_DYngrJ_0vqOzSZC3zvSBTLq4Tyu4dCOqlG10kODSy_X_lq2Qu1iUnypDyoGssiPdxW4_KxWcvzlhKU0g_uAN_V9DhPMwa9cxwy-GwWF6jHD1Ed5810m2l8X6McqlKbT7KLRav0uefk2jDuIUX28T70VW4qRT1sEWe7SA0j3V75kILS3flv9rmEvJw1whQww8o12T4EIYfimZg5A2HeIIoVrwI3V3QpJ3oONUKXQu542svLPBYao40AA_I4lz8mtiGbFj3ciuU8Z-JlzHaEg40WKUvZyzE-41m8BE-BU8y2W13eNcJjy83XJ0GOscxx2pf6hNzwYHS5kK8nJ47OYhum6yYf810sRPauzLFUJS8D_gO3uvdNH1znHTj3djwo-oki7BdYGpIimVWAriLtAc1sQtyoEqMo0Z91KKlEkW63CXwLBb1cLvskl1vjecx9MCMhLbwcFOze13TswDRb3_pTOnsEXOlyaFsZ4JC_9aS0d6NsqcEZgdg6G5i4y8PrKcFVMBTo5FhOXGzRYgB9TyMaRunZzN5sVhOaS1WDLPkC2-GnB8oXZ0ph1AM7t5c9OLswH0QHdIeOB13-wd1nG7oqbGEDBtmjUojLvx3hDNRSanu091mN2u_GePRfqliCeY9coHEXQQ058NEDoRqSaekuNmqztykJiVA4d8Gs6dMwiO8hJoV2a01-2s7Sm7lzXZA4oPFRDTmH9T9YxVSRj2tJOy87goXanozqVPUnRp2X2bhYMGsFWKcaqDTSY5D6s6E_ah53FifeciQeiG03yCsqDFpFFmFSnco_dAaTtW52Kmli9jlqhYJKDHHznlVn69htVJPzV9hBsdj24CzMknkrTZ_Fze2kNFmXn0qZRlBkjT1q1d4SL4ktokyUztLONELMCYBbrLY5YUM3j8ODfnSnQ9LdYxshfNzLN71r8fS4BKGbIRRDGiv_MXF7BBTHoxyqYajPm4utV0wvJGlQIBBJOAMgJpo3ywGHCnmk9gYUVsiyDOfA9ele17NUUjYb_P6gdWN88cuWCB9rsqoAc1OwhvT7gIPQXSg1PHOSvsiy9g7YKEjtQZeeOo4mVYebhGAFgAQ&cry=1&bundleId=
Request Chain 167
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEN5HWQ_fjoRMl9aKdPhDCrA&google_cver=1
Request Chain 184
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=ChqlwCF5yZZj7FLSrpt8Py-yqaM2U4Md0_uSU3qgSZBABINLMgRpgifPFhPQToAHOl6DzKcgBCakCUqzZJufuPT7gAgCoAwHIA8sEqgSwAk_QSTQU9RnjAbfb3RDZBYIqyEMCaA_hGL27sNStgJLws3Gh_gnlJBciPse0HO3YVDTwyVQysvmloEzwbXxnt0J4kWZR61bCXEYWBl_ks2H4vXkuui0QSe8qoPPrTaXPlKJIe20PhkDtzPRRqu6AjMEyUgXf66pBH5XOAb5uA1fv1jcFn8bBK-DQ4LIWT4FG0b0wXpw1WDDoWOVVRyOqOa4d-okItzDrDVbk-BBr8ITGo6-6V5SIyzYwgLG7f1oOsl_cthzEeX9eOhK6gGXXdTcVG67D8kGBL22h42GSSJ0yDoppMaoaQ-o8IocyhhPQcxAmk2_fKwO-XHcp0kSlP47BKPlOFLpY7j8P38d_peFRBroHb2R7HoJXko0gGK4-u2RHbz3EqNcWMSSv_m8o2LrABLH75t69BOAEAYgFwtLqhE2SBQQIBBgBkgUECAUYBKAGLoAHl5Ss0gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDuxQTSCB0IgGEQARgdMgKKAjoCgEBIvf3BOlimucnaxf6CA5oJWmh0dHBzOi8vd3d3Lm93bmRheXMuY29tL2pwL2phL3dlbGNvbWU_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1wbWF4JnV0bV9jYW1wYWlnbj1Ub2t5b4AKA8gLAZgMvKfI7MgEogwQKg4KDOS0sQLutbECtbixAtoMEAoKENC9-t_05MOAFBICAQPiDRMI3_XJ2sX-ggMVtJXpBR1LtgoNuBODBNgTDtAVAYAXAbIXHgocCAASFHB1Yi00MTI2NTU0Nzc5MzkzOTg2GOLMGQ&sigh=u4cZ0pOLP-I&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNftU_5GuavmKMeYa_4e6EsZ_4ByMO3HZjlIUMDgsy7Co9l0H7oj6TaqIv587T-i9THYJ-yUCgltvkLJOD0RhzDTvadYLneh_hJhgB&template_id=515&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f9ed04407bb7890000000000000000%22,%222%22:%220xa49d184aecb3f81f0000000000000000%22,%223%22:%220x3c6e816b7ea6c3e20000000000000000%22,%224%22:%220x368edd365a57808b0000000000000000%22,%225%22:%220xe86d43ee1b09863f0000000000000000%22},%22debug_key%22:%229439117998902271022%22,%22debug_reporting%22:true,%22destination%22:%22https://owndays.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211247553486%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216154936020958334465%22}&andc=true

228 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request gaOWLp
reurl.cc/ 		10 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f651a105fcd99d835117e820d776e4d79d2a10b4ec4fa6c61b69319f3db6f35d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
ja-JP

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 08 Dec 2023 00:06:30 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
target
https://cla2.cn/SpY
vary
Accept-Encoding Origin
x-request-id
d81df395-e882-46f5-8aa6-cbf67632169b
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 00:06:30 GMT
x-content-type-options
nosniff
content-encoding
br
age
3780356
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25648
x-served-by
cache-fra-eddf8230028-FRA, cache-nrt-rjtf7700044-NRT
x-jsd-version-type
version
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
style.css
storage.reurl.cc/stylesheets/rwd/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:54:07 GMT
content-encoding
gzip
via
1.1 google
age
18743
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
904
x-request-id
fc8feb72-8536-48a6-8028-d83a4a364c4a
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
ats.js
anymind360.com/js/9479/ 		177 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/9479/ats.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
226d20c2725e876a96edabbbad4ca3709478995aac12ff27b7efff45d73d96c1
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

expires
Wed, 06 Dec 2023 14:06:09 GMT
date
Fri, 08 Dec 2023 00:06:30 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
122422
x-guploader-uploadid
ABPtcPofd-srweFMF3hPtoB1kpmomDcuDPnwnfevRuK3Wt0p7dIGPUuHN1hRXx3bdj700_lgDOE
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
42279
x-served-by
cache-tyo11954-TYO, cache-nrt-rjtf7700034-NRT
last-modified
Mon, 20 Nov 2023 09:15:25 GMT
server
UploadServer
x-timer
S1701993991.950136,VS0,VE0
etag
"dc1bad45759bbb89536459f2c34eaa21"
vary
Accept-Encoding
x-goog-generation
1700471725490318
x-goog-hash
crc32c=3IRkSQ==, md5=3ButRXWbu4lTZFnyw06qIQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
42279
content-type
application/javascript; charset=UTF-8
accept-ranges
bytes
x-cache-hits
1143, 15
pixel.js
storage.reurl.cc/javascripts/ 		429 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 18:28:46 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
20265
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
429
x-request-id
a73b35e1-7ca2-4350-91e4-968b5a2e3c2c
ga2.js
storage.reurl.cc/javascripts/ 		536 B
631 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/ga2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 16:45:48 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
26443
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
536
x-request-id
9f3b7b8f-374a-40e6-ade5-54832acdb6d4
js
www.googletagmanager.com/gtag/ 		278 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.72 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
20410d0c8fa1594557fc87207e00271d02a633cbd59a38960bf86760d2bd062c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93959
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 08 Dec 2023 00:06:31 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		92 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
4d5d27d2df23a576032d7d455ed2715adf3c9cc4c82786b1a6d80ae0d0857e5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30279
x-xss-protection
0
server
cafe
etag
928 / 19699 / m202312040101 / config-hash: 12389945666769355502
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 08 Dec 2023 00:06:31 GMT
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 00:06:30 GMT
x-content-type-options
nosniff
content-encoding
br
age
6303370
x-jsd-version
2.5.16
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
33184
x-served-by
cache-fra-eddf8230020-FRA, cache-nrt-rjtf7700044-NRT
x-jsd-version-type
version
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
renews.js
storage.reurl.cc/javascripts/ 		412 B
512 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:55:19 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
11471
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
412
x-request-id
88f57126-3f9c-417b-b307-f3825c54a1c5
loading.js
storage.reurl.cc/javascripts/ 		134 B
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/loading.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:04:31 GMT
content-encoding
gzip
via
1.1 google
age
10919
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134
x-request-id
1bf4815d-c606-4382-bdc7-775a041494bb
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
page.php
www.facebook.com/plugins/ Frame 96E7 		94 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
/
Resource Hash
552cd7a7b75bb2d8b64ad1b2ea1bd5111b9ded88e77e5b74b378ca31ae2c8106
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 00:06:31 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
CS4noeGBBpAfRhV0Mf00fygaMXQVOHRgh2DKYx2o9x29PveJE5qUtjERb4sxbeWNSTg3g2kZxGEs9YDkvW53Eg==
x-xss-protection
0
feeds
storage.re-news.tw/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
4565b0ac5807d5b75a1f8c8715bfeb4c1275d25576261e8ed278f115b463cb99

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:31 GMT
via
1.1 google
x-powered-by
Express
etag
W/"1c07-7TjEMmlLg5EpbDnYl9GIEl/SpYg"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7175
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 08 Dec 2023 00:06:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
FQDdXZYfw2XjIam7SxuC/yGjF8iDnL2Uzplkvh1BdoXKRCNdiEwfq4OkBLn+LNGvm4tDunSzEe8eVqmM0T9t9A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 07 Dec 2023 23:30:35 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2156
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 08 Dec 2023 01:30:35 GMT
mocpogo_01.jpg
asset.re-news.tw/images/ 		427 KB
428 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset.re-news.tw/images/mocpogo_01.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.23.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.23.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
675c68ec272e15adac541942a16ddfa45419f6f959147e4728a4e26c512520ad

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 23:50:05 GMT
via
1.1 google
age
986
x-guploader-uploadid
ABPtcPrY5GyqwqJz-Z67JWa_t_2PFGApQoeCNpuU1i62nBkdD_Ee7vrWhk063Rx_yNr2TsQMDvYCVvk1UDSAg-X-NvPbEg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
437364
last-modified
Wed, 18 Oct 2023 12:58:27 GMT
server
UploadServer
etag
"2336bdf757022c5d87b79cbbbcd1b477"
x-goog-generation
1697633907721269
x-goog-hash
crc32c=dvOsJw==, md5=Iza991cCLF2Ht5y7vNG0dw==
content-type
image/jpeg
cache-control
public,max-age=3600
x-goog-stored-content-length
437364
accept-ranges
bytes
1701954662-eabd29699de9e8b6d55f910edc0027f4.png
img.gbyhn.com.tw/2023/12/ 		400 KB
401 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gbyhn.com.tw/2023/12/1701954662-eabd29699de9e8b6d55f910edc0027f4.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.150.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ab05351d1257d38ef4ab7f85492cda992e1f171134f173a90b8eabef358c73f

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39273
alt-svc
h3=":443"; ma=86400
content-length
409782
last-modified
Thu, 07 Dec 2023 13:11:02 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QiNAQk%2FBNteY5BfHPZ%2BD%2F%2FxpdvhSJyTqpfggEpoNVq66kICHZgjg%2F99dOp7bIhYboQtG%2F9lJn8dZyJFrQVgl4Reow4WR9Yf%2FpcAZnLeLyDkx%2BzOxpAqL%2FQVXxhfBp5UM%2F8zI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8320c34d6fe7af91-NRT
expires
Thu, 14 Dec 2023 13:11:25 GMT
FII_Institute_Logo.jpg
mma.prnasia.com/media2/1811613/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mma.prnasia.com/media2/1811613/FII_Institute_Logo.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.238.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a1e09863e72c952cf3feb7fd40c213a118cff8ab05fc86629e4ce20aa834cac7

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:31 GMT
cf-cache-status
HIT
age
42587
x-powered-by
ASP.NET
server-timing
intid;desc=4481575185e1e4b2
content-length
19570
cf-bgj
h2pri
last-modified
Thu, 07 Dec 2023 12:13:14 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
8320c34d68e9686a-NRT
access-control-allow-headers
Content-Type
expires
Thu, 07 Dec 2023 12:13:15 GMT
2023-EZTABLE-%E6%B6%88%E8%B2%BB%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1%E5%84%AA%E6%83%A0-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2023/12/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditcards.com.tw/wp-content/uploads/2023/12/2023-EZTABLE-%E6%B6%88%E8%B2%BB%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1%E5%84%AA%E6%83%A0-1080x630.jpg?crop=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.25 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5ace58115177bd9d342f148f9a2f6ba637b04e74fda103abe156a43f92c1a8c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-ac
3.nrt _atomic_bur BYPASS
content-length
49130
x-nc
HIT bur 1
last-modified
Thu, 07 Dec 2023 09:48:13 GMT
server
nginx
etag
"9fb548c4d1209d88"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
expires
Sat, 06 Dec 2025 21:48:13 GMT
20231206035638100.jpg
img.racingcharger.tw/wp-content/uploads/ 		185 KB
185 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.racingcharger.tw/wp-content/uploads/20231206035638100.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.216.47.122 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
61-216-47-122.hinet-ip.hinet.net
Software
Apache /
Resource Hash
6ed2aeefa3712394f2720d2a8ea2d3841d75125eaf7548ac7b0758603a4ccc2b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:30 GMT
last-modified
Wed, 06 Dec 2023 03:56:46 GMT
server
Apache
accept-ranges
bytes
content-length
188999
content-type
image/jpeg
%E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8...
www.rayskyinvest.com/wp-content/uploads/ 		612 KB
612 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rayskyinvest.com/wp-content/uploads/%E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8C%E7%94%A8%E4%BF%A1%E7%94%A8%E5%8D%A1%E8%B2%B7%E4%B8%8B%E4%BA%BA%E7%94%9F%E7%AC%AC%E4%B8%80%E9%A1%86%E6%AF%94%E7%89%B9%E5%B9%A3-3-1140x570.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.190.31.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
54.31.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Fri, 08 Dec 2023 00:06:31 GMT
expires
Fri, 06 Dec 2024 17:04:26 GMT
last-modified
Sat, 02 Dec 2023 07:13:09 GMT
server
nginx
etag
"656ad905-98e3b"
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
626235
x-cdn-c
all
x-sg-cdn
1
file.png
static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 		248 KB
248 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.133.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-133-103.nrt57.r.cloudfront.net
Software
openresty/1.21.4.1 /
Resource Hash
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-seen-by
image-manipulator-7c76496fbd-p8dmn
date
Sat, 04 Nov 2023 16:58:02 GMT
via
1.1 google, 1.1 ca1bfbfd9295e7865d816048e88d6b34.cloudfront.net (CloudFront)
server
openresty/1.21.4.1
x-amz-cf-pop
NRT57-C3
age
2876909
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
SUHcE213OsywJnTI7Atv4VkC29C0FwPobrXZ3oEvAHitTDKGcZMB_A==
content-length
253615
wix-tracer
2XifzHgfSaztWkfQKIgA4apLkWX
2023101023413094.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/10/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i0.wp.com/golike.tw/wp-content/uploads/2023/10/2023101023413094.jpg?resize=1024%2C535&ssl=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
i2.wp.com
Software
nginx /
Resource Hash
9c95792b14cad4642ea9bbcb71cd49f6d2d57bd3a53bc1bc8630e26bbd6fd5a7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:31 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
content-length
109448
x-nc
HIT nrt 8
last-modified
Fri, 13 Oct 2023 09:02:46 GMT
server
nginx
etag
"ab5b506272fb167b"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<https://golike.tw/wp-content/uploads/2023/10/2023101023413094.jpg>; rel="canonical"
expires
Sun, 12 Oct 2025 21:02:46 GMT
%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.236 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:31 GMT
strict-transport-security
max-age=31536000
x-ac
3.nrt _atomic_bur BYPASS
last-modified
Thu, 27 Apr 2023 05:06:22 GMT
server
nginx
etag
"644a02ce-2d1f7"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
184823
expires
Fri, 15 Dec 2023 00:06:31 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:43:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
15777
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138293
x-xss-protection
0
server
cafe
etag
11350998454379829730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 06 Dec 2024 19:43:34 GMT
1675200226052423
connect.facebook.net/signals/config/ 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.138&r=stable&domain=reurl.cc
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
096f85ac6d28eb274e8f6bcffc83c4d3baf2041bd4befd0adea68c566b20c57b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 08 Dec 2023 00:06:31 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
33827
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
AoNbuS8MOf5fDKW+9sEktVN8m0sxs6TDnUmxH9oRyhY9e3AXJbEtZtzOR94ZxFB8ngpvqeOLVeBZknQyf2DueQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/ Frame 96E7 		20 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
eb0110be59431fd3c8942faca7ee241aef70ddc66cc3316b645cc8ae6ca2b70a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 08 Dec 2023 00:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QZ/F21WCMvVioyUwMJMxZA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5281
reporting-endpoints
x-fb-debug
UJQvuqHkFiDRd+6aajjknZPDzd8+jtxhyg+Khdw7oyNtd6GJJMptlSEPVBQ4/dx3X1xMkulkoBeyFlJCpOZbXA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 17:50:30 GMT
V-GL57iHfEB.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/ Frame 96E7 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
e68718c41ef1c23f1640623633d26706d9cc4cf198c72be002c8594f9f9efcac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mEms5HNO4RW/YAm2lY0J/Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6478
reporting-endpoints
x-fb-debug
Zvqj4BwsAg7DH0vphEvAiof0tkgNT3ULIpUzYkEnFZbcY0h6gbInmBYitSBUGHjd6Bp62ZvXPKF1omUgMDNx5g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:24:08 GMT
L9vxdWjqRLv.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,ja_JP/ Frame 96E7 		21 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,ja_JP/L9vxdWjqRLv.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
94d523edd701a50db76faf479f4e32f007cbd97ade5339313f1e5a1ef5b35a85
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 08 Dec 2023 00:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
YxGy9ULmNYpse9KBe8qMZQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4833
reporting-endpoints
x-fb-debug
I66HsIkWfOkwt07ooyILB/GF/RU9PwOE/2DexBYG5YttEsjc5oQyZesfSpaeAkSXOr5KtuUamni0TN5WaozTjQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 29 Nov 2024 16:55:50 GMT
dlkLFa46YZW.js
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 96E7 		354 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
71f58649cf37e2f58cfaa2eaa1f9e292c721ab462b6bd022dc9e5feb9b8b2ade
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 08 Dec 2023 00:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
NiMIzZDBjvLmd+NhP7cSGQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
93678
reporting-endpoints
x-fb-debug
5BefuGMEPUYtH2oF4nkETiXxlN7e00j1Jz0myC3Y0/1JfR4Fz4yq9qIeSHqaeRzgJrYWFatW3n+p+h4494AgRA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 06 Dec 2024 19:18:06 GMT
YJcyY7izLGB.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 96E7 		94 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/YJcyY7izLGB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
qj5bFqqBeNQLu7uSNkxJ/A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27471
reporting-endpoints
x-fb-debug
7pUWswxC/faPP6SIN2aiiUUQxamcHXWruFIDOdfiMWgW0/j0h6/LCupP9FtI6bfMa5FkmOrXN8xj48mgaXNtRw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 28 Nov 2024 21:16:33 GMT
tbb6w30TkDN.js
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 96E7 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/tbb6w30TkDN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 08 Dec 2023 00:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
HCL+u+2LMSrM7ELnarU2bQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2226
reporting-endpoints
x-fb-debug
5ktdl38nnKDsn9IiNqlPm0x/hIIGePfp/hs1vcHneiFjH81tgrSqVPa/w2GHGbsT/H6Qts+4gMFfcyNsRe9n8g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 06 Dec 2024 23:21:08 GMT
NzLu2EgdNec.js
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 96E7 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/NzLu2EgdNec.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
011d8f4627d33f18e7d18df96452ab3a74b6379d52d726f2fef4ec3f21c0be98
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 08 Dec 2023 00:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ZzTJ+p/dtUbDbk1794DOEw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16835
reporting-endpoints
x-fb-debug
73k2iytIhZGMSpPw+RP4mWSehKcYLfJmyf0q+wwPUqRwfaiPpR/dmqfoRORqjXuUhk3xE0SP/QN3e3NAoZyN0A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 17:36:36 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 96E7 		507 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 08 Dec 2023 00:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
reporting-endpoints
x-fb-debug
xfgMgiKBNsgcrx1lhN/KAu5TXMhdGyZN+axJ/V6pOqhxELvn5BK6ldlta88fpUHI22PCxZ55HcaQrQzpPfRI7w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 18:53:20 GMT
sGzZqRL36h3.js
static.xx.fbcdn.net/rsrc.php/v3iLxq4/yJ/l/ja_JP/ Frame 96E7 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLxq4/yJ/l/ja_JP/sGzZqRL36h3.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
7caa36a2429987bf28f857262051ba65268681630d763af8489caa70a3a37dd9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
MbnHOjYedl0dIuyFMKfvEg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7901
reporting-endpoints
x-fb-debug
O2L4k+OCCASHv0QPe/5E3WTKUJSjrVZnq6oVJBkQhpJ1cckYph0AVg9zF0ji0oILTcdPOl71BhKdzjwn7bDuNA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:23:55 GMT
KudK-WKp3ZH.js
static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/ Frame 96E7 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
4372a9b8ce26d68f5c9a53975683bc05d3df25cf5a2e0177569f58258b6be160
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 08 Dec 2023 00:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
phAMyoOpvbhoet00DvMWkg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20298
reporting-endpoints
x-fb-debug
V2nMxDNmmBVYt1ddnQGQMNaxsIehY2FpXDZoBdbSez1bMSAOcTxo6yEs5Wv3cuT6XKJ0lOXBe4a0mjapvjd4ww==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 30 Nov 2024 23:19:01 GMT
j5rc18aomdh.js
static.xx.fbcdn.net/rsrc.php/v3i5dO4/ys/l/ja_JP/ Frame 96E7 		347 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i5dO4/ys/l/ja_JP/j5rc18aomdh.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
3edb7d7cf4bd2e766e90db553560c32cff5e84208ecb968a441494cbbe087ec3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 08 Dec 2023 00:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
FtDhY4mEJuOM47NZwCNvfA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
83212
reporting-endpoints
x-fb-debug
bDliQmW+3LiTd2da+IWabBy78yymaszjc0v0QoM86nc/XZ0TR7OrydtDM7wayDo2PLnLhuhbP8lQ1GAjYUq3HQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 03 Dec 2024 21:23:44 GMT
TioQWlTZ3BG.js
static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/ Frame 96E7 		397 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/TioQWlTZ3BG.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
f2415a5fbb844b1c2fdf48ce0bb9dfa2694a153695ca753dc5f84170b334041b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 08 Dec 2023 00:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
aC8cw5hP/LLy3Ed3OJp1xQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
95634
reporting-endpoints
x-fb-debug
oLbxlQI3oDtVbvrJsptWyFdLFCxfF0/G087Hi5bym6g7yu9m4yZ03IV9hzDs3Ajl0FEGTOZTB2uYF/F0RSoXfg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 19:24:12 GMT
qb2Dj7XLRaI.js
static.xx.fbcdn.net/rsrc.php/v3iB1C4/yR/l/ja_JP/ Frame 96E7 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iB1C4/yR/l/ja_JP/qb2Dj7XLRaI.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
2af9dcd5f220b6aaa7fb46c21e3a9833abce8a1d7953c0591013081dd73c6e57
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 08 Dec 2023 00:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4Adm+FXxkwDjHgLJ9sF/4A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
17829
reporting-endpoints
x-fb-debug
nyW4pDFbyjuixRtKkdd8/1tMamMQWBHb9rOxRUCaNeTPs5odfRh8GKReCYsHmyuNL7tiIBRj3caQCxT6iu7rEQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 01 Dec 2024 16:14:55 GMT
Yf-9xO1t3is.js
static.xx.fbcdn.net/rsrc.php/v3/yE/r/ Frame 96E7 		209 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/Yf-9xO1t3is.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
d891551f129f5784e720c7807cbd10b8b5aa4a8d9440880c32b521e3b89ca346
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 08 Dec 2023 00:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
2KILPdRBUZJyjxkGI/5ONA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
60957
reporting-endpoints
x-fb-debug
e8O/Yu5TfKTgSsKJGopD+9epMVhsJFYHpxCa9YvgrSq0tWTPK71n3GGDhGmHxaI7POfTY7aJzUXzfy3BsaISVA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 30 Nov 2024 23:19:02 GMT
EjdAug5mQIB.js
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 96E7 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/EjdAug5mQIB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
dce3a7d75903f3a00ff7b72c2b3f3e34c786c0867a1398caa5212977e721d1b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QpoZNtNrb1RRm+1fPhnrPA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7378
reporting-endpoints
x-fb-debug
ExJewB6tul3iBN/nnaHRWhsU+IjBqXK3MRAmKOgL969enHtQ1QhqCHgsa6uzb5aTikVgCb50ADKpiu4yJl/8LA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 23 Nov 2024 18:21:46 GMT
D5W9jnaQkor.js
static.xx.fbcdn.net/rsrc.php/v3/yA/r/ Frame 96E7 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/D5W9jnaQkor.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
7c363a0df8fcfb5937f3ea0fd2d1e6bd6d1a5f7e577184fbd8843a4baa2f7d7d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 08 Dec 2023 00:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
6cWcZmvYc5zwxj1LzL9JSQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15199
reporting-endpoints
x-fb-debug
oLOz3PDvWq4NW6pdtg+XEp+LcV3P+lAb+YKJ31h/ZG5Tzc3Wnl6fhUvL0P8wNvJSLyiWoPYiew+FIOHL6UslqQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 06 Dec 2024 19:35:38 GMT
325141786_6140032619364934_7377705774471631398_n.jpg
scontent-nrt1-1.xx.fbcdn.net/v/t39.30808-6/ Frame 96E7 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-nrt1-1.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=081abc&_nc_ohc=AFqS8Ov4x6EAX9br2HF&_nc_ht=scontent-nrt1-1.xx&edm=ADwHzz8EAAAA&oh=00_AfDv82YOwYrEnb0NDO7WZa_TJi9I4oT9VslQr_fEEqEpXQ&oe=65778B45
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:31 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Fri, 13 Jan 2023 04:15:10 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1433450679
thrift_fmhk
GBC2ualt2gzFXUr8pDttO9i4FfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2910780274
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
16853
305964663_450890893727816_1742559653774706626_n.jpg
scontent-nrt1-1.xx.fbcdn.net/v/t39.30808-1/ Frame 96E7 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-nrt1-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=4da83f&_nc_ohc=wnzSsJ60VVQAX-O5WeW&_nc_ht=scontent-nrt1-1.xx&edm=ADwHzz8EAAAA&oh=00_AfAakj0wxkv27mNBZyL34sOgjoDxJ5Ld8q5NQHR_X2Wo9A&oe=65784515
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:32 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Thu, 08 Sep 2022 19:16:03 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2540016234
thrift_fmhk
GBBuInxWv/H3KKPev1vnnVEuFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
88386505
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1345
priority
u=3,i
collect
www.google-analytics.com/j/ 		4 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=280970190&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1120514793&gjid=403312533&cid=1582687958.1701993992&tid=UA-102456694-1&_gid=672608448.1701993992&_r=1&_slc=1&z=1758612818
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=280970190&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MTk4LjEzLjM1Ljc3&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1582687958.1701993992&tid=UA-102456694-1&_gid=672608448.1701993992&z=1961302873
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 20:58:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11266
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1701993991020&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1582687958.1701993992&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701993991&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1090
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=1582687958.1701993992&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N394QBRGC0&cid=1582687958.1701993992&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1&z=45207677
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.206.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102456694-1&cid=1582687958.1701993992&jid=1120514793&gjid=403312533&_gid=672608448.1701993992&_u=IEBAAEAAAAAAACAAI~&z=1555254284
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.187.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 08 Dec 2023 00:06:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-aa2f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 09 Dec 2023 00:06:32 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:32 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
533380
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8320c353bb5ddff5-NRT
expires
Mon, 11 Dec 2023 00:06:32 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 02:36:08 GMT
content-encoding
gzip
age
163824
x-guploader-uploadid
ABPtcPrzhqbhZjv7bM7br6pJ3NIIBiH5qc7wUBgq3yOYccE07JrMSAq2kZcEsqZhQF1n9T1NUiO83Jney5Y5WBSegqoRWA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 05 Dec 2024 02:36:08 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:32 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
dd6e4b07c5b16bd4c9b390ec0d5fb010
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-102.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 19:48:55 GMT
content-encoding
gzip
via
1.1 ba1ce9c69a66256a857451734e2da0ae.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
19311
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
8vVrjL5whX5ZixLBf5lTgkzJtcWtRz8Ac9vtEMTo4Uvs6nIsTUnKVg==
ads
securepubads.g.doubleclick.net/gampad/ 		325 KB
64 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=14820123254127&correlator=1445250536891438&eid=31079783&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847%2C13848%2C13856%2C14210%2C14209&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%2C300x250%2C1x1%7C320x50%7C300x100%7C320x100&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1701993992176&lmt=1701993992&adxs=245%2C1005%2C245%2C625%2C245&adys=505%2C108%2C108%2C108%2C358&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=1140x90%7C380x250%7C380x250%7C380x250%7C1140x50&msz=1110x90%7C350x250%7C350x250%7C350x250%7C1110x50&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&ga_vid=1582687958.1701993992&ga_sid=1701993992&ga_hid=280970190&ga_fc=true&dlt=1701993990936&idt=1121&cust_params=url%3D%252FgaOWLp%26ref%3Dnull&adks=81851380%2C1451399479%2C827794272%2C3242553145%2C3271617715&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
8a2388dd55b9d8f2f316b1fd31b5a298de4d4cf1c9218956da7195a131fc2f0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65305
x-xss-protection
0
google-lineitem-id
-1,-1,-1,6297900949,6297899953
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,138432357881,138432362607
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		34 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=14820123254127&correlator=1445250536891438&eid=31079783&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=21787810958%2CTW_reurl.cc_res_all_truvid_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1701993992211&lmt=1701993992&adxs=1353&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=195x-1&msz=195x-1&fws=512&ohw=0&ga_vid=1582687958.1701993992&ga_sid=1701993992&ga_hid=280970190&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY35_9tcQxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjen_21xDFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y3p_9tcQxSABSAghkEhcKCHJ0YmhvdXNlGN6f_bXEMUgAUgIIZBIUCgVvcGVueBjen_21xDFIAFICCGQ.&dlt=1701993990936&idt=1121&cust_params=url%3D%252FgaOWLp%26ref%3Dnull&adks=3261691140&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
eb4bc769e26150b9c878d7d6408c1053a0a0b6a800a5968de6832c02dc60f553
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13032
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 208F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 00:06:32 GMT
expires
Sat, 07 Dec 2024 00:06:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.facebook.com/tr/ 		0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1701993992356&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1701993992341.266681637&cs_est=true&pm=1&hrl=7a1c4f&ler=empty&it=1701993991453&coo=false&cs_cc=1&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 08 Dec 2023 00:06:32 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=1582687958.1701993992&jid=1120514793&_u=IEBAAEAAAAAAACAAI~&z=1538774845
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.26.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=1582687958.1701993992&jid=1120514793&_u=IEBAAEAAAAAAACAAI~&z=1538774845
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.206.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix07s07-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 96E7 		573 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 08 Dec 2023 00:06:32 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
reporting-endpoints
x-fb-debug
ZD3QxG4H8eTNbhHaKOzszlH4EtHKvLShzewdJeBbNtZmfDVFH+Y9gPvS5cqCqRkE52XvbU/eG5BqgT6K7eJRzw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 05 Dec 2024 21:03:22 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame 96E7 		89 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2FgaOWLp%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19699.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=UNKNOWN&__rev=1010282616&__s=%3A%3Asir275&__hsi=7310008530721332677&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__csr=&__sp=1
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
/
Resource Hash
17c594435fc9e70198aa5b12b86065ea83fd5769602260ae758d0fd698c0f997
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
G375xAPsivh90lUUo-yHNG
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 08 Dec 2023 00:06:32 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
GRZffPB5l/4CsaO54fLvaQO+wOOh3tmQA1Af8Rkzh6vZAae1i82IbhT1eVGXr+NbDKBhgVwTQ7yAdKSUxhqVqw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-cache, no-store, must-revalidate
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/platform/plugin/page/logging/ Frame 96E7 		955 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
/
Resource Hash
76d876a0ca94f4f266438864b7cbb952eaa1d64b4011609a1129caf872725488
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
G375xAPsivh90lUUo-yHNG
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 08 Dec 2023 00:06:32 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
gHYnjeIHyt2YfmwsSeEr//bQxdPCGjQjRb8LCJrnpyUTp80sd7knZAopmebxDcYSlFLmOpG1DVvj+0C0AjdR+w==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 96E7 		955 B
655 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
/
Resource Hash
c6038c490d9ba5f01b25f662e3621d7d1392fe815a9df8fadb659ae8cb2ade3f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
G375xAPsivh90lUUo-yHNG
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 08 Dec 2023 00:06:32 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
Ih7UE+AoxrAu/KNKvSzOdkoFdPTouFEhv70+p+ogyF3v7QTvS7WAAcYmeE4Xr3gQMnb5TK4UgGX+J0ntQ4k04g==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 20AC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
35aea5afa69eee0a6a77678f980729d3893f8ff4b2872e749c4b7f6375503710
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
ja-JP

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 00:06:32 GMT
server
Kestrel
server-processing-duration-in-ticks
268836
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
85 B
192 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
93a1d56041ca1822797c0c1521de1f2c1d49129224188b003e5f0b9224db86d4

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:33 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-2nU0N0x6y/ztMM4nrfit7Sa7UtE"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 08 Dec 2023 00:06:32 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://reurl.cc
location
/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
map
bcp.crwdcntrl.net/6/ 		235 B
686 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.215.134.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-215-134-10.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
926634a6e087f87bfa0f6a558dac909c9a0903c41d9b3ccdc00c2b8ba9f6444f

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:32 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://reurl.cc
cache-control
no-cache
x-server
10.42.10.5
access-control-allow-credentials
true
content-length
235
expires
0
container.html
42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3CDD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 00:06:32 GMT
expires
Sat, 07 Dec 2024 00:06:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
b03rUpj3fKJ.js
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ Frame 96E7 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/b03rUpj3fKJ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
b98745699334e83f49350bbf814a657f787ae1d515b8e41df4856ea89dd2f8a1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:32 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
pG8ZphjXUfeB/6xAtn+7sQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3454
reporting-endpoints
x-fb-debug
DRdGtH5o58z6Xkn/N2MFJuS7rGjvEI0Xixz49NLzf9FuXBFtimHQo4N7Fnk9RjGe517xC7vX3A7fxbvNkQyjHw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 28 Nov 2024 21:16:34 GMT
C8LrV2fV5JS.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 96E7 		339 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/C8LrV2fV5JS.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
5d28e955cf2bc7eab352b6053c691492b7436b141829f69b52f3639f86beaa96
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:32 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uzIAFtOVooYStiVL9khrKg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
74671
reporting-endpoints
x-fb-debug
WFWC+pJi/TmV7uPVZaD2eVVnDg380PeWbtKUfBbFBf8EkriFhYc+AdkB0M3oaAX9U2hBq0B9WCOnjL5WGPJUBg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 28 Nov 2024 21:47:54 GMT
QQEU1-TaC4N.js
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 96E7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/QQEU1-TaC4N.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:32 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uDyhM5TI+HxzvqrjM1/g4w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
898
reporting-endpoints
x-fb-debug
jpXegtyhSt0SkZh6ookROgivzVIO0W15/waLWFSNQ7QKBIJGAljllPQiLvoIFHpO9WyoNNGPdoqNHb90wovzKw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 27 Nov 2024 18:22:49 GMT
1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 96E7 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:32 GMT
x-content-type-options
nosniff
content-md5
Bsv/k/2TeJemYEeLUt4www==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12027
reporting-endpoints
x-fb-debug
IelIUaaXgpvYzHdmliRgH8JaNZqmB03FG4wBEViLkwuWwSuPoKD7LEwtRa+4SN2rUE6kKUPJ6IpWIR7IlJE0cg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 27 Nov 2024 20:21:49 GMT
xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 96E7 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 08 Dec 2023 00:06:32 GMT
x-content-type-options
nosniff
content-md5
rB4cTW8WNZcBsFntToJGtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1315
reporting-endpoints
x-fb-debug
B4HTGQ8+lgFXoP4gLeSnwqSjSEJO/Zl+YNLjxf7ZNPD8mam0snchpe5q3k9M4yU4g3+9Q+hej9DQoYa1pIm8Tg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sun, 01 Dec 2024 17:51:04 GMT
json
gum.criteo.com/sid/ Frame 20AC 		446 B
557 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
ee61135d442428fb468f27d98708d5bb99073d1d4e9d7b22aad4dbf8fda91e80
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:32 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
988831
expires
0
ieeHDjcGsIR.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 96E7 		213 B
353 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/ieeHDjcGsIR.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 08 Dec 2023 00:06:32 GMT
x-content-type-options
nosniff
content-md5
oSUZEsOZh+qyGbXjvLFs7Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
213
reporting-endpoints
x-fb-debug
PaQaxrrG/SwH/VCxoBLUJjuZVRObYZsc6u8gggjVxB+aLLJmRUd1odY1Hhf/Ee68u+Hm63Q7+IpSs0RaVwM7Eg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Tue, 03 Dec 2024 18:38:39 GMT
container.html
42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 47C7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 00:06:32 GMT
expires
Sat, 07 Dec 2024 00:06:32 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 6F78 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.25.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s19-in-f1.1e100.net
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 00:06:24 GMT
age
8
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Dec 2024 00:06:24 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6F78 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.25.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s19-in-f1.1e100.net
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 00:06:24 GMT
age
8
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Dec 2024 00:06:24 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6F78 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.25.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s19-in-f1.1e100.net
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Dec 2023 06:48:22 GMT
age
62290
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Dec 2024 06:48:22 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6F78 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.25.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s19-in-f1.1e100.net
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Dec 2023 06:26:25 GMT
age
63607
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Dec 2024 06:26:25 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6F78 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.25.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s19-in-f1.1e100.net
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Dec 2023 06:48:40 GMT
age
62272
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Dec 2024 06:48:40 GMT
truncated
/ Frame 6F78 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25544841fa3a467c8c2caefca75e21616e0874f1564fa14e975ef770dc52c9c4

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/png
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 570F 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.25.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s19-in-f1.1e100.net
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 00:06:24 GMT
age
8
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Dec 2024 00:06:24 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 570F 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.25.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s19-in-f1.1e100.net
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 00:06:24 GMT
age
9
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Dec 2024 00:06:24 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 570F 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.25.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s19-in-f1.1e100.net
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Dec 2023 06:48:22 GMT
age
62291
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Dec 2024 06:48:22 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 570F 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.25.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s19-in-f1.1e100.net
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Dec 2023 06:26:25 GMT
age
63608
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Dec 2024 06:26:25 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 570F 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.25.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s19-in-f1.1e100.net
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 07 Dec 2023 06:48:40 GMT
age
62273
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 06 Dec 2024 06:48:40 GMT
truncated
/ Frame 570F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9ea28b131205e7444a09c2a75568af1cc0d6635a7cc8017286433de49e2062e

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 045A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstT0uhCG1DRryOqplzpE8uMH_xl5zOLCqeKZViUASx5-_PK4CrXmMrj9tkVKLExDPxtUY-MN4ZJHgutSls11jXAOzEywThT_cUwjOm63T1yLFoKdchvwGORgfP9sQpPJ5dQRBoeDOc2z9429wrU5sAiZMkpvi4sU_Zu_ZNLD9yOhD-g7Go4ofuMsF5z1hi_mUXtShgHlTWeDtrVNlFg4WFFZcRf_Ey6GPHX-1okOmhFzRKR7rslX0Rm4TOWMwakZB8SpBl5XDEWWm2IDA4Vg3fFk79P0b0ecKKglYj70NJ9I4zmuA3n4v_9wkjstS-L16SFBWw8A0JPE4TNPaxdC33zS7xqJFdAckkiMdxTSanfaATJLnbJbQ0-jf3mESjX&sai=AMfl-YSzWZKLQJcCtScPIuyMmED8aN07ufnKnprw6wy8WGgDBPWwgJp-qEicgbzwWGrDlMX3gKlYuRA3RilX-YZkqyhcpIK1RkmXsxWfk504uVwlsFoT4VByKcdB7MeJBuaFiIQsF7MAiJloOuthtw9U70S-Ld5TmKXgpPKpBQ&sig=Cg0ArKJSzJ8X_B_gcERdEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 08 Dec 2023 00:06:33 GMT
init.js
cdn.holmesmind.com/js/ Frame 045A 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-44.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Fri, 08 Dec 2023 00:05:57 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
37
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
Ws1q5OBLfD73C9w9WmQf-nHjXdbRZK_dwcFiGLY7VJKFzz5pRxFs_w==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 045A 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 00:06:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 99C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYo-sAftmbj1ykmxJRmH7FoNdK89n6iUJARwhnCNBdaCh_q-W6UGRwFYj2lWyvtcr2psGXHPFHIG56wKxFXVtyNetXhPfI5K1g1OSWd9lgc8kudk1W-I1nxlZFT4I-ca-2eIyLaCHIxu5b6vAl9aNf-KCIwxx2Yx6m8RzJbq1TyYT63uP4odLk0btSWxiy7X0rT2esmHMe_lPIv8xII4zhUlvD0A0GhbUyAt68CiQp1iAjsFtw50R7DLvGLExS8f0XX3ho9LFdWZ3NBBArmQunqLT-8EoMxDCkonqR24T0Qtauj3xnXkpVBcpm0w0jtldneQzNtxebTWjQ3lKwY3b4wzTMrNlhKYFU8nOlLsaZZ_esyg_vW8pu_ntfFRJU&sai=AMfl-YSkvmZqbl-KWa4gPPyrNzuqfiAzIkloIPvIwkk5ZqKZLLxFySZV73itID0a6rhydNnooccVaBr--pEzP7ZSfOV8aRKBAPFZ7b02V9aY_sO-dyIryzPKivx0EfCzT32jjI03llx6Ad4VNRUkheg726dXE5ocVEghW_KJnw&sig=Cg0ArKJSzGRQPs99eiV0EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 08 Dec 2023 00:06:33 GMT
init.js
cdn.holmesmind.com/js/ Frame 99C9 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-44.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Fri, 08 Dec 2023 00:06:33 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
37
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
RkjHQVwS_u41_WPwIsJLdvwZYW1h61KiJzxkGc9KBaTjmZXMZxNQVw==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 99C9 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 00:06:33 GMT
2620221396672966421
tpc.googlesyndication.com/simgad/ Frame 6F78 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2620221396672966421?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnSXbs7lY2FqgOlG1UjaPj_s_6ZAg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
sffe /
Resource Hash
eb889ae27a520fb75bbe2194881e8cba73a87d5e2d5ac4c15df2a9b21e71a1d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:31:26 GMT
x-content-type-options
nosniff
age
45307
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45525
x-xss-protection
0
last-modified
Tue, 21 Nov 2023 10:48:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 06 Dec 2024 11:31:26 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6F78 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:34:38 GMT
x-content-type-options
nosniff
server
cafe
age
52315
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Fri, 08 Dec 2023 09:34:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6F78 		344 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:11:04 GMT
x-content-type-options
nosniff
server
cafe
age
10529
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 08 Dec 2023 21:11:04 GMT
2620221396672966421
tpc.googlesyndication.com/simgad/ Frame 570F 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2620221396672966421?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnSXbs7lY2FqgOlG1UjaPj_s_6ZAg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
sffe /
Resource Hash
eb889ae27a520fb75bbe2194881e8cba73a87d5e2d5ac4c15df2a9b21e71a1d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:31:26 GMT
x-content-type-options
nosniff
age
45307
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45525
x-xss-protection
0
last-modified
Tue, 21 Nov 2023 10:48:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 06 Dec 2024 11:31:26 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 570F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:34:38 GMT
x-content-type-options
nosniff
server
cafe
age
52315
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Fri, 08 Dec 2023 09:34:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 570F 		344 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:11:04 GMT
x-content-type-options
nosniff
server
cafe
age
10529
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 08 Dec 2023 21:11:04 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8960 		217 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY6_iq7gEwAQ&v=APEucNXefie1hFpZml3k-lZUELyIEUfQkMYN5MvPOBS7VlTTHiKaxJOTKlIqn-SxHlatChFyMyj_QVTdmQD2oAncKT6Hswgpuw
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
b1b1661ffb71705ae01b3b0cea6c065ae93d49d6b547bfeeec0260fa92bf2793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
112
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 00:06:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 3CDD 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 08 Dec 2023 00:06:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CDD 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D3bMAdt8kPULFfps2Rj4IzEDOO46eWAP1R9J3aI0CKskINNNc5GeKkpDS5aARMTW4OW7hYwlzCU39XOILxYdjGUm00v3fxfSU0JB4q_vq4r1JyqII
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
fw.adsafeprotected.com/rjss/bgd/1525516/72173819/xbbe/creative/ Frame 3CDD 		263 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/bgd/1525516/72173819/xbbe/creative/adj?p=APEucNVxb0Inxa-pdiAUZ3uI4Uslwmul_yp1zp8gP0BCIi2k274p0Ho&d=CokBAKAmf-AdcftcZmddB1x4WQ0VvZGDlV0Ax049KrCuwhgsUjDlnaBC0qFAID3DNXsoXy7kJqYVwOeGiKAyYskMwwM6Wdgyyw5aDkqCbIBuvJTkoTAdm1Swd9vOi-e3MD-AI_Xhk_JpiA2SOVt4Oy3Sq9SHpIGdYaeAKR4BaaY_SMDW35IZZIRdtHUSyRUAoCZ_4HMV7QBc1otR3C1HmCBWkh9ThUf6BsVZ-fZGs0pfsW4q8gUMg4y1PVUHor6PftKkXkMQuGD10m8s1rkH1sfavOWdCi4nHz4jqUOly0zasfyKS6aVqJk_OB-SmRQRpIQ7u5Kzmoi_T3mG78QKA24p0O6NRXEgRQY0nDiZO0J5A55Hc8ekSjjLEJg8eYbv2gkLmSi5IBGScIaoRrwccPg0FZpcg923UqzKtmPL4c_gx9l_D-tbq8Rd8EqXadFs2bCrvQbLDzBczgHU2l6McfPloUsMHddSzLAPLU5LAl-lAX6xNpxeqkKC1Y7RXAxNXD2cMDLw3kvuGNH18EZFpkdcw1uXww32PJmq-9RdepA_8_-4YUK00lY8QW7dgbjeaVNd_zc9nhRXe5xxr8kfAz3i7ZUmQICUAEixTGkA7j-dpxiZjef1gFoip8kjCsNNAMJMyPbD4p0GBrlo6kceP0rhVhuEvudZWDxGRw8seAEHz05VXuynjKElMlqgHndpv6nOsxjXf71jwybglU3tvAsoYw1yKfWb-PoEWw1j0Z5lgNLcCEorS2HbRsKItGFroFK9DOZ-X6vWXfKeTMDtWl4_WjVDroBpnLhP3i998ih3Qd612E_LzF99v2rwhHB5WatLJKHqzCLsCbnK71eHXe_yR5BIMjVmtxMjy70ZT_GPLlE-fvmTH_uLY7XGQ52riKGl_I09JAzFGrJHGnLNjDhQvZRR0r-zm9mfJaQpQH2D2qqrdxSbxwiEKuE-yywkQa7mMStMB0f7qPQU4Cz9jgWbVRnNIomMoj7GRh8OuXQ1zpZ8nyiHg97S_ilAdslhOTkErJZncZ4ZlwDMdO83-75UcssZNczAqQyCVec5qMdIfkeXVlVh2PbOlyqLUwwwQBvEMiRNCeV5kz7Rm7b6ov8ZvrTKFlALZn-fR6y7wuYP4uU4TnDlYPVo11czN8qH4PF-EiZ5USVR0N1gntfpRQusmEUGiJrgEZBbAUAfEBWD_G-5Vt2wzH-_2sq4Vuw84PLjbdepEksZ_fdUQlN29AAKEztkvzK0fLwy188lFebAVo-Hvi48bRHex-0Ta6GGVGRpaxaCcnGP_bKETPeImT2MpffTz1Tay6nEPnIQNW5RW0DvRzTZiNv27fDw07tI3AvyYsWLklDa0aQvuWt8xTz-fi0FoHb0e4nRTrmR4i2Es74JXR_cBq5KXvvPWXh56ocmVpjt14eB11WIJKc0NfZaoFe06xswJROpNLE7-mWPUnT-c8rvUMJ7T0t0_YAA9YOUD_qidCL28WvCeDnGmqVTSn2f3neCRqZ6D0u3Vtcuuwa_SkTeSMTG40ePyZvrptSvuneMknnT8uAhr7QXjqdP2pkuaNPID93uiWm08EHhrPQcmhnhpce2kI2sZ5NwYn-SD6myftO9KgcShcWPpyYH-RDeOjXmpFZmfkizWbmYBksGF7lHvwwJGTm8gRKtudhxNCrzW0mdytFy7skcV7jITdT884sFXKacstTyFasMFUtACijnAmDeYvgsmgc_LxqHWC1cAhmTKZ2u87bLAYtqjehNl3uoLg1q2iS6b2i21Ysm4fmYK5igLDlfAKzI2HfHdK7FMzxrMJY-fR_VUZ2sXFUDyiDd5zZZ2ttKtST3A_fVyqa5tOovwn1xETjH3oBU5xjXXAuY2g99EdyK08b9B4CPeO_xwmRJtkqmSztOCkuxS5aPNaBAhiOxBJ9zyp2eQhipNH4Dua_I1ypZBp1dzBAlA2dhSPUriWPy1KOyxpCqIKuqc5Mfp9OHv1CnC86d1oE4GZUO-uGdf02SY48KIDzRcMw24u-J7b2tqtHBtzTnhIfOBoJDS7XeU4wRny21AAh-GGvwte9w6sZN4K-uDz2iZJQ-mvp8x6tNsvFrbKeU4jrS2A4uwUFroeX6RB1sT9yYdkwqzjcMlzgtyvlGX9R1RNxu8ABN2ed4knaD1i0OFNF57lTNGSFJMED_VnPxQ-PvmStiPmjem6p8MWv5ptnWLAm5mzzHhdkXkVbTYoRcZg4dCHYQNvfFY3YYehqd67pleQCz62D8T65Rs-makazkYlR9lbAaHYHCIg2Da1CnxATYQ_drCORzd8YV1VI7_jPxWABwusu_d6Ln1STMihO05J4vbTY_8gb8wyvTUqpmTUWROcHr5emzRgCtfOqK-nu417H2TZoVVGMoVz-l9OhiZigOwZ6aGpeM2-_bd5mqjvXOaDYE2qVJS60sG2qqL6cpyS8hqaBXRXO8syW8lL2SzYPuL-6OXTWIBLaoFZw3sSiiJypkAiyl1npl1rNalvl7vOvaA9r3qUhD14oOHNwJtZCEBkHifwB34J6jqNJebptrFffHBu4nzonJB-cRyezeP6PJjkp8W6bE3OUpGHewdFUPFy50L6mEaOyxEmDJfPuq6Hkl-3JplzKjbHHyhr-Rp-Ex7lHT2L8-YbKyW4gn7U523cyioi208C0rhvwoubh3BtKBTLmlZMyJRQkUMVYHh1lUmzD4os9P1_feAylOdxMDxa0OO0shkvrrVFbIVJMemCCfuFpsBdQgaVYf0bBQa2VrclHYGZHNE5fbW7kprvUTgyjZM1mnlgrKs61XKfZ2dUMBVn5DRFp_OZLtqebfxQ2_qQREmYKYsD6IEBuy-yZdxIaBch1pUgYAmjkVKSQtOHBPtP132kt2Kx0sKAZ9ud_CzFWT_DYngrJ_0vqOzSZC3zvSBTLq4Tyu4dCOqlG10kODSy_X_lq2Qu1iUnypDyoGssiPdxW4_KxWcvzlhKU0g_uAN_V9DhPMwa9cxwy-GwWF6jHD1Ed5810m2l8X6McqlKbT7KLRav0uefk2jDuIUX28T70VW4qRT1sEWe7SA0j3V75kILS3flv9rmEvJw1whQww8o12T4EIYfimZg5A2HeIIoVrwI3V3QpJ3oONUKXQu542svLPBYao40AA_I4lz8mtiGbFj3ciuU8Z-JlzHaEg40WKUvZyzE-41m8BE-BU8y2W13eNcJjy83XJ0GOscxx2pf6hNzwYHS5kK8nJ47OYhum6yYf810sRPauzLFUJS8D_gO3uvdNH1znHTj3djwo-oki7BdYGpIimVWAriLtAc1sQtyoEqMo0Z91KKlEkW63CXwLBb1cLvskl1vjecx9MCMhLbwcFOze13TswDRb3_pTOnsEXOlyaFsZ4JC_9aS0d6NsqcEZgdg6G5i4y8PrKcFVMBTo5FhOXGzRYgB9TyMaRunZzN5sVhOaS1WDLPkC2-GnB8oXZ0ph1AM7t5c9OLswH0QHdIeOB13-wd1nG7oqbGEDBtmjUojLvx3hDNRSanu091mN2u_GePRfqliCeY9coHEXQQ058NEDoRqSaekuNmqztykJiVA4d8Gs6dMwiO8hJoV2a01-2s7Sm7lzXZA4oPFRDTmH9T9YxVSRj2tJOy87goXanozqVPUnRp2X2bhYMGsFWKcaqDTSY5D6s6E_ah53FifeciQeiG03yCsqDFpFFmFSnco_dAaTtW52Kmli9jlqhYJKDHHznlVn69htVJPzV9hBsdj24CzMknkrTZ_Fze2kNFmXn0qZRlBkjT1q1d4SL4ktokyUztLONELMCYBbrLY5YUM3j8ODfnSnQ9LdYxshfNzLN71r8fS4BKGbIRRDGiv_MXF7BBTHoxyqYajPm4utV0wvJGlQIBBJOAMgJpo3ywGHCnmk9gYUVsiyDOfA9ele17NUUjYb_P6gdWN88cuWCB9rsqoAc1OwhvT7gIPQXSg1PHOSvsiy9g7YKEjtQZeeOo4mVYebhGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013075760&ias_pubId=pub-1310852604335254&ias_chanId=1&ias_placementId=20268485269&bidurl=https://reurl.cc/gaOWLp&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g1t5kPMVtXb_bKgZBzGgeF
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.72.69.55 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-72-69-55.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
de295473b58ce0fabd2da10a183774a361b4a96aa41b81d5fc83bd307bce1fef

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:33 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 3CDD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:20:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
13555
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 20:20:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 3CDD 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:20:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
13556
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 20:20:37 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3CDD 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 00:06:33 GMT
2Yd4YbKG5Pn.css
static.xx.fbcdn.net/rsrc.php/v3/yc/l/0,ja_JP/ Frame 96E7 		25 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yc/l/0,ja_JP/2Yd4YbKG5Pn.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
b0f0fbf9b3cf511347cdd240a5b9d150a7bda064d49fcef52e4c0b7ef4451ae7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
xWnyiPeKG/Tr+DMpGMsEHQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5785
reporting-endpoints
x-fb-debug
S2Kqu6AMebqaf9ow+ZSsmjAQufXLAtMp+7UqJwRaICPt4OksO+pOoTrehKjdZ+WzDrtvCD9rZ2N8SrSRO57ScQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=0
expires
Fri, 29 Nov 2024 00:25:31 GMT
truncated
/ Frame 96E7 		2 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
text/css;charset=utf-8
52LYZIhy45E.js
static.xx.fbcdn.net/rsrc.php/v3/yX/r/ Frame 96E7 		61 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/52LYZIhy45E.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
ab537e5d1aad79aa80216444bb19c9f009e435a714c7815d7ab071210fccb741
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
C2gh+uM0z58qULSGo8hJKg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15948
reporting-endpoints
x-fb-debug
DsFmn3sjkxjUITDS21aiRbUVXn1dQLIWyufgzBAPDX1kFio1XtENCaBGlbEqrj5rZ8EeX/q1fu/rzqYxsreF1w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Thu, 28 Nov 2024 22:15:21 GMT
2_UQu_HhTQu.js
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 96E7 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/2_UQu_HhTQu.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
aa03eb68227b8878eaceea508be01259496077ec5ed9b375f84c77f577b843ed
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 08 Dec 2023 00:06:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
9fmJr3THTP07qrIGN3DNCQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2755
reporting-endpoints
x-fb-debug
HMaNtlbuCjQPb7EmW1j/VRg1zZmIGUS5Ky512yFhYQDsuGshkqxejSN/VEVnkq74Jc2IaOQAsaIe7N+BOCFXIg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Sat, 30 Nov 2024 16:08:04 GMT
ie38mp0O07P.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 96E7 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:33 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
CEYVgZg04j7erS0ub7sNsg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10390
reporting-endpoints
x-fb-debug
Lr2tatQQ2pAfLRBI7lIWSfa05UyW82wJJy6OUNTQbHSv+Y6xQ0nj7k6xuNcJhuqk/DQfSyLhWjQunM+PK3YEjQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Thu, 28 Nov 2024 22:18:30 GMT
pixel
cm.g.doubleclick.net/ Frame 8960
Redirect Chain
  • https://s-cs.send.microad.jp/cs?key=google_1
  • https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY6_iq7gEwAQ&v=APEucNXefie1hFpZml3k-lZUELyIEUfQkMYN5MvPOBS7VlTTHiKaxJOTKlIqn-SxHlatChFyMyj_QVTdmQD2oAncKT6Hswgpuw
Protocol
H2
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 08 Dec 2023 00:06:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
server
nginx
p3p
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin
*
timing-allow-origin
*
access-control-allow-headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length
0
x-xss-protection
1; mode=block
/
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/ Frame 8960
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEFFN8PpZtvbHKr9zIM081QA&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEFFN8PpZtvbHKr9zIM081QA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY6_iq7gEwAQ&v=APEucNXefie1hFpZml3k-lZUELyIEUfQkMYN5MvPOBS7VlTTHiKaxJOTKlIqn-SxHlatChFyMyj_QVTdmQD2oAncKT6Hswgpuw
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
ja-JP
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 08 Dec 2023 00:06:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEFFN8PpZtvbHKr9zIM081QA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
309
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 47C7 		1 KB
960 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%AE%87%E7%9B%AE%E3%82%B70%E9%81%93%E4%B8%8B%E3%83%AD%E3%83%89%E7%94%B0%E3%81%A11%E3%83%94%E9%9D%92%E6%96%99%E3%82%B0%E3%81%8FF4%E6%99%82%E3%83%90%E7%8E%84%E3%81%8B%E8%BF%BD%E3%82%AC%E3%81%B6%E3%83%97%E3%83%A9eS%E6%B1%9F%E7%90%83A%E6%9D%B1%E3%83%83%E4%BA%AC%E5%86%86%E6%B5%B7%E3%81%97%EF%BC%90%E3%83%8D%E3%83%BCW%EF%BC%9F%E6%B8%8B%E3%83%86%E2%88%92%E3%83%80d%E9%96%8B%E9%9D%A2%EF%BC%91Y%E8%A1%97%E5%B7%9DO%E3%83%95%E5%9E%8B%E3%83%A7%E9%9D%9E%20D%E3%82%A32%E5%88%86%E5%8A%A0%E4%B8%81%E9%87%91%E7%94%BA%E3%83%AC%E3%82%A4%E3%82%B6%EF%BC%92%E3%82%BA%E3%83%88%EF%BD%9E%E3%83%B3N%E5%8C%BA%E8%B0%B7%E3%83%A1%E3%81%AE%E5%9C%B0%E8%96%84%E5%9D%82
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f10.1e100.net
Software
ESF /
Resource Hash
210a1844b44ee812009792b36baa2958dbe5803c2ce3bbaa1589e16505a92a61
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 00:06:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 08 Dec 2023 00:06:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 08 Dec 2023 00:06:33 GMT
css
fonts.googleapis.com/ Frame 47C7 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f10.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 08 Dec 2023 00:06:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 23:22:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 08 Dec 2023 00:06:33 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 47C7 		2 KB
875 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:20:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
13556
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 20:20:37 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 47C7 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
cafe /
Resource Hash
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:20:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
13555
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9318
x-xss-protection
0
server
cafe
etag
3562968281324141506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 20:20:38 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 47C7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:20:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
13555
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 20:20:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 47C7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
cafe /
Resource Hash
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 20:20:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
13556
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8581
x-xss-protection
0
server
cafe
etag
5638635208567908330
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 20:20:37 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 47C7 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f2.1e100.net
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Dec 2023 00:06:33 GMT
7a8419aef3683f04c437bd15cecf843d.js
www.gstatic.com/mysidia/ Frame 47C7 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7a8419aef3683f04c437bd15cecf843d.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f3.1e100.net
Software
sffe /
Resource Hash
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 15:56:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Mon, 04 Dec 2023 21:30:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 06 Mar 2024 15:56:09 GMT
11935577162394365096
tpc.googlesyndication.com/simgad/ Frame 47C7 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11935577162394365096?w=100&h=100&tw=1&q=75
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
sffe /
Resource Hash
07a4e6e29c941243f89b66b95f71169d367abe2df067120a46ed95e522f78914
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 20:40:38 GMT
x-content-type-options
nosniff
age
98755
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1309
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 06:33:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 05 Dec 2024 20:40:38 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CDD 		0
58 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6281424441733&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CDD 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6281424441733&version=m202309260101&ct=76&x=1&cor=11532257684692253000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 3CDD 		16 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8XOsdtMUq_YenGKifiB2Wuv5M-sOmToMIzBpWzu4YOpKnv31F4rkDeyFab80fZPcxkmA7RK0jv-gGXaAvhTZEFco9joCHOlA6mT7ZbqRvC4yvokPvRYpnTXmbWc64a1LtuBeJg_1iz2b7T1eriIsT1ZF2-ihe8yRAsiWMpddddQhiXSg&cry=1&dbm_d=AKAmf-Dtpum4D9HD9vYnhisSWew29GiiGjvX5mUDFKf7Yv1K5p-32gIirfa2_vR1ZkgtQqaQUeOZirzqbDOADf3K_nuy2S8tQgmbfVuenguvSUobIhiyzjioQzG4cCTjS8619_A7pdrLPA-Hzt_0KY-vkEpIpn7BdgxZaUXp7AcyZ22MNjmF8kSHFoGoz2vVH_4tIf6L6TlknIL3xSPFEM7Cx7NiksCnCt7QyKHnZ-ZTNIRtx8SPBdSzIS9uQ0M6XCBRcw5otqGZVnMf1O2YdowSaAKdI1njnVixMx3XEyP_eSUnjWq8rYG7_AlNxebYj3GP1Tn-knLDcR2djigvE4aTiBev5ZJMiISaxn-k0JVBh8c7np4ywOF1Zku3TogyH6oUsubZn7YKnvvuIRNLZKvJ44krlY3ASxIjlEjm3Hsg8bgq-DZ8nCvJCDOaXk6Va5OW3_64aNfk6G1huXEFXu2QP9lEUWxDZdeBLbEb8AhFbJ99JCB2fRrQMJ-ZF35rjdzAkM0llDmKPlCrejPfSs2N_yfx5WUvgCD4E_l8DwOGxeBHvN4ClopO0TFTIHUAZSu-2V18jCapRf8herDzmsR6dmdiboC0hnKQAoqsdNBkIJw9r5Hhe-of06d4KSJBaCGPTewplZlIVlfYL7bexkNpSqYIGvwWeEPLV49N6wF5Mph1yLkqlv5b7jYr_g0ZmukIsV3YbiXtAESs1d5vi753EhJ8kUQWlPc13tLXf9qajL4J8M_RAHKlLRGgn_d8FJ6e0OrnqQ5Oo9Mr6GrhHsACiykUGcuFY3f0Z0vu8G2Fo1ektbllvpOnVnz8UxoR7TPXpKHndBUgjRu-IWGPWwZKyY5uekfU42GU7uscLiG_SRki5MVe7ndF-hv8b-CTWf4jljpwMekqAesLggL985ZK5Kw9_LFYYlN8vb-hhwCzlZ64-L7legbkmxMDut1S9BDo3Al_mZGXzCZHSn9JBHL5gnKJ2KxQecS_xPqLZS8cqFhyWPR18HR4fcJy72etDB2A7GuumBoRvBYQHtGSB4z2T2QT4eEaQOXyCqWwQ-krqPHpOCwJSZaQ3nMiHE_Zj8_c4tvIX8O2iM-55QcLDsCxE8mYHr_L6PFW9sv70D4k9keNH91F6vvyLxJEAw1e14WSiz_0ezgrfjiBFBvaAAKeMmTmU5GfyOuQM75tOiuXpnzQyJ-6I9snKa6HRjIBIlCw4KSbYORcvmaBkQA_WUe6Wbde86ikGqesBXqcVh5ePAMWfIe70IAdOdIuKIlUxd8Un4Pcv5RTpaZEIxPjC0xXsPu02vizLWUCho2p3yeAVGsJCYvjBRjLcWZNbZRbu6w7-vSM7WTwHz5Ic-o81-M94-70GtPAUAELoiWIepIW4v5VCjvYP-YQyAA9kA9xl5kvTJnq9S_EMrvCbkFnhLCULvF1tP75Ft3yv0Xj2cz851JgxVmdmQYbUzCu_o_bN76kgKpVJbgNJIxOEG9A5g1TuqIEum8UfUrbej-6lpFtMQlhBjgaEf98FVnwlPOCEy4xveQlFhsVqOCdkPTFlB2NcAbW3TJ-5P0KsM-gAUUr03rNIYDhjcZExI16w3GoEPelqmZMOJhaR6PytBI4JdF23ilNMN3XYMGem0CwFxr9yavNheqa1eq0WlhQrZqK3XLUlckoaB8w96Cjy91vlWZoBnr62f0rKMMdYrgMYIXkdoTnGMhssPbGPghNnMgJGd4HNUvXQUIKzifBcbRMT4gwlw4c4kjUTxkBu3m2MYQeQR9f0Di2ThKOTvvTmHeIKRbrM-E3nXEHMw_BS985b1YE-AVA4GJBFRbOuxcmYboOqKFlVrMoD6vt_vdAawkNmEVj4eK2RG3ZGAmAWdmX3Ycr9o04mfg8wI277WGLNak9qORIuzOJpjHLtfyVlFNXFo31DUCmCyI8c7XTk1tS7BRA6omepsOG9klu01xUskFTomx_CKrYTh2ZX6FRL8JE3-6ghr6ERLmYBBsGKX1WDaF5NXzYXyA46AyEsFLn_XPNi9B8Z_Vd2VUTFQV4py9SUzaDQfaDbk-6pL5RKvGpZeh_8jchtbqOGrda4CKZu_JfXtbvpsHgFg3eF0K0Bx8bS8NNFjcEYBfmwi4ARliGuw7lZUSII_AzGoup7EXj1qpAbdz52RuHMigYz-X00bxKqjOEl_tJEiMRWaICXd4JXEswWqvPw4dSISxkx87buixVTJcqGru00QHn0RDIFZt2BDAso3SPhHKLtB4SjIfIn9RK1Tc_8F7tnrxTKilgDGhuQqL7p2m0GF_cxAk-Sw9ibrmrIQLp09tqFD3GZab1GBFhGljvVvd_rZWUPs4gIcneYpuYFZlIceeP7C-LaUVCUZqWm33Ysvn7kmJhr8ekkOmuIwXr6xPD2sRZooaxiTL1HYlmgELYlPNoXE9GHA4-4JNpakIVilulA2PzOsa1LQk0w7yJtn84yf1M2cG64PzEvB21J5rvztGptXtA5Zaq_IjS8DEPb8RXy54xYK8_SN3S4wImEHgCkLvNbrSOX7OAR0pDaE0qXyQiKiNnOarJfmWiJ80X28bNAceMgilKDgHsvNlkaRQpEgj-BCCiPeQbAWoKhVB80kKcb1S0GthCJRj_AGk-NiewSKvDLzLZl5zFAfBcudtV3X7fBU1qzqhYozdk7odzVXB5o8yRdwCatEma8z-v1EA_oi9IHw7kDWs0NXFrPrdUY7nwSVHD2vVwMlEasVgU34Y1M0v3bpTeN7ew1BUJKNzIdQcTdjvA6O6TS4ZFWNPodcndrmjev7Hab08nelvRQWRLfXyzTrxYnNOcbDhSB0cdiAJcSUSt22Cwv9vre6NNfLlrWFEXzPaQAd1FwOqSSQWuF1GRni5CYGNDkxtQV8WYJooHAELEVKiwpb-yqbSGE35BI4bQVOPQQSh51ZHg-5Xww6bgDfwMEHFQ92nPx7D3JmGmvXf3yyINtLOA_FJlsYW9Jo8cQK0lm7y1aaQ8Qlr31Z6BTlnt0LLmJ9ySm37Iu6GjrOwh1os1myqE0Hx1_D_zWV7tmbvKJdOXqSV3QLbuJyX4sXmYR6p51w_sVdz8oCuH0KlH2ZrQ5ztoSvQHV4WvfiWRPXMjxnhzkt8ksfvJoqJLRw7xB2bSUbEW_hjDaSgap_gXsDNrZ2sATu0JMS6U0Ey3J3M8ciyEnL0bZvsJxoHA3q7oARV5L9zOud9r9S-V4tQHtz9qN6YRdG4iOe_W3wuZZa4LotBXb8VV8n4&cid=CAQSTgDICaaN8sBhwp5pPYGFFbIsgznwPXpXtezVFI2G_z-oHVjfPHLlggfa7KqAHNTsIb0-4CD0F0oNTxzkr7IsvYO2ChI7UGXnjqOJlWHm4RgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=11532257684692253000&adk=250412561&idt=157&cac=0&dtd=28
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
8932c0173055e97db7d2952dcecd7d64f2d63290435d34c9fdb1c8291f83e40c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12263
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 99C9 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5984c4331c1e31c39b448a694d5531460849f9045bb0d51c94b4c29563ec5650

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 045A 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6532a8976f6ae62ce558fdd4b6cda03032ad519a380a8c432c168b6b8f540d9

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/png
capmapping.htm
cdn.holmesmind.com/js/ Frame 050A 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-44.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
30
content-length
9921
content-type
text/html
date
Fri, 08 Dec 2023 00:06:33 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
x-amz-cf-id
0T6iiPdqujL1aOTiVsH2r19S-2atjtDIbDgzajXNGvlutd3Gfis0vA==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 3D09 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-44.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Fri, 08 Dec 2023 00:05:53 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
60
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
ekQfea581LOtUpdPrQYuIJU0KXb4cacAF5BK3tLsUv1bldFZ_m1-bg==
capmapping.htm
cdn.holmesmind.com/js/ Frame 14D4 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-44.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
30
content-length
9921
content-type
text/html
date
Fri, 08 Dec 2023 00:06:33 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
x-amz-cf-id
mbv3UX5cw5ZGfIZTFobS-HQOJ57VHm3bt3181v7wmkvq03yedReT3Q==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 3210 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-44.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Fri, 08 Dec 2023 00:05:53 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
60
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
Ee_CsIps0r33QtWzX09nYJTwV5qrxZlxkRYFfJAz7L9_Xa5QsBn9OA==
/
www.facebook.com/login/ Frame 96E7 		0
0
/
www.facebook.com/login/ Frame 96E7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 08 Dec 2023 00:06:33 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
zq/HQ9gRQLoQH48KKftaKc/eZv16viE8cTlK0zAdYuW2x9GF0FdRkmG4Zect1xVFJJNfu3//9tI8xnnyI/6MNw==
x-frame-options
DENY
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6F78
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Redirect headers

date
Fri, 08 Dec 2023 00:06:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 570F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Redirect headers

date
Fri, 08 Dec 2023 00:06:34 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
2620221396672966421
tpc.googlesyndication.com/simgad/ Frame 6F78 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2620221396672966421?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnSXbs7lY2FqgOlG1UjaPj_s_6ZAg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
sffe /
Resource Hash
eb889ae27a520fb75bbe2194881e8cba73a87d5e2d5ac4c15df2a9b21e71a1d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:31:26 GMT
x-content-type-options
nosniff
age
45308
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45525
x-xss-protection
0
last-modified
Tue, 21 Nov 2023 10:48:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 06 Dec 2024 11:31:26 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6F78 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:34:38 GMT
x-content-type-options
nosniff
server
cafe
age
52316
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Fri, 08 Dec 2023 09:34:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6F78 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:11:04 GMT
x-content-type-options
nosniff
server
cafe
age
10530
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 08 Dec 2023 21:11:04 GMT
2620221396672966421
tpc.googlesyndication.com/simgad/ Frame 570F 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2620221396672966421?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnSXbs7lY2FqgOlG1UjaPj_s_6ZAg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
sffe /
Resource Hash
eb889ae27a520fb75bbe2194881e8cba73a87d5e2d5ac4c15df2a9b21e71a1d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:31:26 GMT
x-content-type-options
nosniff
age
45308
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45525
x-xss-protection
0
last-modified
Tue, 21 Nov 2023 10:48:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 06 Dec 2024 11:31:26 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 570F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:34:38 GMT
x-content-type-options
nosniff
server
cafe
age
52316
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Fri, 08 Dec 2023 09:34:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 570F 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 21:11:04 GMT
x-content-type-options
nosniff
server
cafe
age
10530
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 08 Dec 2023 21:11:04 GMT
pd
google-bidout-d.openx.net/w/1.0/ Frame 4680 		484 B
723 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
797b5a66e602ed82b529625669df13ebe1df3dbd5f43694db08d07d6e833537e

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
306
content-type
text/html
date
Fri, 08 Dec 2023 00:06:34 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 3CDD 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8XOsdtMUq_YenGKifiB2Wuv5M-sOmToMIzBpWzu4YOpKnv31F4rkDeyFab80fZPcxkmA7RK0jv-gGXaAvhTZEFco9joCHOlA6mT7ZbqRvC4yvokPvRYpnTXmbWc64a1LtuBeJg_1iz2b7T1eriIsT1ZF2-ihe8yRAsiWMpddddQhiXSg&cry=1&dbm_d=AKAmf-Dtpum4D9HD9vYnhisSWew29GiiGjvX5mUDFKf7Yv1K5p-32gIirfa2_vR1ZkgtQqaQUeOZirzqbDOADf3K_nuy2S8tQgmbfVuenguvSUobIhiyzjioQzG4cCTjS8619_A7pdrLPA-Hzt_0KY-vkEpIpn7BdgxZaUXp7AcyZ22MNjmF8kSHFoGoz2vVH_4tIf6L6TlknIL3xSPFEM7Cx7NiksCnCt7QyKHnZ-ZTNIRtx8SPBdSzIS9uQ0M6XCBRcw5otqGZVnMf1O2YdowSaAKdI1njnVixMx3XEyP_eSUnjWq8rYG7_AlNxebYj3GP1Tn-knLDcR2djigvE4aTiBev5ZJMiISaxn-k0JVBh8c7np4ywOF1Zku3TogyH6oUsubZn7YKnvvuIRNLZKvJ44krlY3ASxIjlEjm3Hsg8bgq-DZ8nCvJCDOaXk6Va5OW3_64aNfk6G1huXEFXu2QP9lEUWxDZdeBLbEb8AhFbJ99JCB2fRrQMJ-ZF35rjdzAkM0llDmKPlCrejPfSs2N_yfx5WUvgCD4E_l8DwOGxeBHvN4ClopO0TFTIHUAZSu-2V18jCapRf8herDzmsR6dmdiboC0hnKQAoqsdNBkIJw9r5Hhe-of06d4KSJBaCGPTewplZlIVlfYL7bexkNpSqYIGvwWeEPLV49N6wF5Mph1yLkqlv5b7jYr_g0ZmukIsV3YbiXtAESs1d5vi753EhJ8kUQWlPc13tLXf9qajL4J8M_RAHKlLRGgn_d8FJ6e0OrnqQ5Oo9Mr6GrhHsACiykUGcuFY3f0Z0vu8G2Fo1ektbllvpOnVnz8UxoR7TPXpKHndBUgjRu-IWGPWwZKyY5uekfU42GU7uscLiG_SRki5MVe7ndF-hv8b-CTWf4jljpwMekqAesLggL985ZK5Kw9_LFYYlN8vb-hhwCzlZ64-L7legbkmxMDut1S9BDo3Al_mZGXzCZHSn9JBHL5gnKJ2KxQecS_xPqLZS8cqFhyWPR18HR4fcJy72etDB2A7GuumBoRvBYQHtGSB4z2T2QT4eEaQOXyCqWwQ-krqPHpOCwJSZaQ3nMiHE_Zj8_c4tvIX8O2iM-55QcLDsCxE8mYHr_L6PFW9sv70D4k9keNH91F6vvyLxJEAw1e14WSiz_0ezgrfjiBFBvaAAKeMmTmU5GfyOuQM75tOiuXpnzQyJ-6I9snKa6HRjIBIlCw4KSbYORcvmaBkQA_WUe6Wbde86ikGqesBXqcVh5ePAMWfIe70IAdOdIuKIlUxd8Un4Pcv5RTpaZEIxPjC0xXsPu02vizLWUCho2p3yeAVGsJCYvjBRjLcWZNbZRbu6w7-vSM7WTwHz5Ic-o81-M94-70GtPAUAELoiWIepIW4v5VCjvYP-YQyAA9kA9xl5kvTJnq9S_EMrvCbkFnhLCULvF1tP75Ft3yv0Xj2cz851JgxVmdmQYbUzCu_o_bN76kgKpVJbgNJIxOEG9A5g1TuqIEum8UfUrbej-6lpFtMQlhBjgaEf98FVnwlPOCEy4xveQlFhsVqOCdkPTFlB2NcAbW3TJ-5P0KsM-gAUUr03rNIYDhjcZExI16w3GoEPelqmZMOJhaR6PytBI4JdF23ilNMN3XYMGem0CwFxr9yavNheqa1eq0WlhQrZqK3XLUlckoaB8w96Cjy91vlWZoBnr62f0rKMMdYrgMYIXkdoTnGMhssPbGPghNnMgJGd4HNUvXQUIKzifBcbRMT4gwlw4c4kjUTxkBu3m2MYQeQR9f0Di2ThKOTvvTmHeIKRbrM-E3nXEHMw_BS985b1YE-AVA4GJBFRbOuxcmYboOqKFlVrMoD6vt_vdAawkNmEVj4eK2RG3ZGAmAWdmX3Ycr9o04mfg8wI277WGLNak9qORIuzOJpjHLtfyVlFNXFo31DUCmCyI8c7XTk1tS7BRA6omepsOG9klu01xUskFTomx_CKrYTh2ZX6FRL8JE3-6ghr6ERLmYBBsGKX1WDaF5NXzYXyA46AyEsFLn_XPNi9B8Z_Vd2VUTFQV4py9SUzaDQfaDbk-6pL5RKvGpZeh_8jchtbqOGrda4CKZu_JfXtbvpsHgFg3eF0K0Bx8bS8NNFjcEYBfmwi4ARliGuw7lZUSII_AzGoup7EXj1qpAbdz52RuHMigYz-X00bxKqjOEl_tJEiMRWaICXd4JXEswWqvPw4dSISxkx87buixVTJcqGru00QHn0RDIFZt2BDAso3SPhHKLtB4SjIfIn9RK1Tc_8F7tnrxTKilgDGhuQqL7p2m0GF_cxAk-Sw9ibrmrIQLp09tqFD3GZab1GBFhGljvVvd_rZWUPs4gIcneYpuYFZlIceeP7C-LaUVCUZqWm33Ysvn7kmJhr8ekkOmuIwXr6xPD2sRZooaxiTL1HYlmgELYlPNoXE9GHA4-4JNpakIVilulA2PzOsa1LQk0w7yJtn84yf1M2cG64PzEvB21J5rvztGptXtA5Zaq_IjS8DEPb8RXy54xYK8_SN3S4wImEHgCkLvNbrSOX7OAR0pDaE0qXyQiKiNnOarJfmWiJ80X28bNAceMgilKDgHsvNlkaRQpEgj-BCCiPeQbAWoKhVB80kKcb1S0GthCJRj_AGk-NiewSKvDLzLZl5zFAfBcudtV3X7fBU1qzqhYozdk7odzVXB5o8yRdwCatEma8z-v1EA_oi9IHw7kDWs0NXFrPrdUY7nwSVHD2vVwMlEasVgU34Y1M0v3bpTeN7ew1BUJKNzIdQcTdjvA6O6TS4ZFWNPodcndrmjev7Hab08nelvRQWRLfXyzTrxYnNOcbDhSB0cdiAJcSUSt22Cwv9vre6NNfLlrWFEXzPaQAd1FwOqSSQWuF1GRni5CYGNDkxtQV8WYJooHAELEVKiwpb-yqbSGE35BI4bQVOPQQSh51ZHg-5Xww6bgDfwMEHFQ92nPx7D3JmGmvXf3yyINtLOA_FJlsYW9Jo8cQK0lm7y1aaQ8Qlr31Z6BTlnt0LLmJ9ySm37Iu6GjrOwh1os1myqE0Hx1_D_zWV7tmbvKJdOXqSV3QLbuJyX4sXmYR6p51w_sVdz8oCuH0KlH2ZrQ5ztoSvQHV4WvfiWRPXMjxnhzkt8ksfvJoqJLRw7xB2bSUbEW_hjDaSgap_gXsDNrZ2sATu0JMS6U0Ey3J3M8ciyEnL0bZvsJxoHA3q7oARV5L9zOud9r9S-V4tQHtz9qN6YRdG4iOe_W3wuZZa4LotBXb8VV8n4&cid=CAQSTgDICaaN8sBhwp5pPYGFFbIsgznwPXpXtezVFI2G_z-oHVjfPHLlggfa7KqAHNTsIb0-4CD0F0oNTxzkr7IsvYO2ChI7UGXnjqOJlWHm4RgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=11532257684692253000&adk=250412561&idt=157&cac=0&dtd=28
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 16:00:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
29158
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 06 Dec 2024 16:00:36 GMT
bz
www.facebook.com/ajax/ Frame 96E7 		0
0
/
cm.lndata.com/ Frame 050A 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 08 Dec 2023 00:06:34 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame B24B 		0
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.231.14.23 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-231-14-23.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
ja-JP

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 08 Dec 2023 00:06:34 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame FD30 		39 B
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Fri, 08 Dec 2023 00:06:37 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
cm.js
fcm2.holmesmind.com/ Frame 050A 		409 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fcm2.holmesmind.com/cm.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.230.11.166 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-230-11-166.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 08 Dec 2023 00:06:34 GMT
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
utag.js
t.ssp.hinet.net/ Frame 050A 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:34 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 08 Dec 2023 00:16:34 GMT
fp
cm-dev-poc.holmesmind.com/ Frame 050A 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.231.14.23 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-231-14-23.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:34 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
cm
c.holmesmind.com/ Frame 050A
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
496 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:34 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

date
Fri, 08 Dec 2023 00:06:34 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-type
text/html; charset=UTF-8
location
https://c.holmesmind.com/cm?tc=getIn&
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
google
m.holmesmind.com/ml/ Frame 050A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEN5HWQ_fjoRMl9aKdPhDCrA&google_cver=1
0
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEN5HWQ_fjoRMl9aKdPhDCrA&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:34 GMT
x-guploader-uploadid
ABPtcPr5BAswYDBOJaBCQuwxENnr9AeWK3x1ldVrGKQw7O36yVegIxLz9PevGeILXI1p7_7Sp9MPhhcykvSWdtN9HwUx-g
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Fri, 08 Dec 2023 01:06:34 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEN5HWQ_fjoRMl9aKdPhDCrA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
328
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cm.lndata.com/ Frame 14D4 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 08 Dec 2023 00:06:34 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
sd
us-u.openx.net/w/1.0/ Frame 4680
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=85a62931-7f68-745a-da5b-ae72cfa81247&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=85a62931-7f68-745a-da5b-ae72cfa81247&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=115a1572-be2c-466e-bc9c-f4f917af2091&ttd_puid=85a62931-7f68-745a-da5b-ae72cfa81247&gdpr=0&gdpr_consent=
43 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=115a1572-be2c-466e-bc9c-f4f917af2091&ttd_puid=85a62931-7f68-745a-da5b-ae72cfa81247&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=115a1572-be2c-466e-bc9c-f4f917af2091&ttd_puid=85a62931-7f68-745a-da5b-ae72cfa81247&gdpr=0&gdpr_consent=
date
Fri, 08 Dec 2023 00:06:34 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 4680
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXJeCsCo8XUAACUawgMAAAAA
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXJeCsCo8XUAACUawgMAAAAA
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Fri, 08 Dec 2023 00:06:34 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"198.13.35.77","key":"ZXJeCsCo8XUAACUawgMAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad318"}
X-SO-Key
ZXJeCsCo8XUAACUawgMAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad318
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXJeCsCo8XUAACUawgMAAAAA
Cache-Control
private
X-SO-HostName
m-ad318.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
m-tgng17.dc4p.scaleout.jp
X-SO-IP
198.13.35.77
sd
jp-u.openx.net/w/1.0/ Frame 4680
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWASAV1TJawXks8AEDt7OFXGtc8AAAGMRr9ZKw
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWASAV1TJawXks8AEDt7OFXGtc8AAAGMRr9ZKw
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:34 GMT
via
1.1 1bddae9b49dd524202e512c8a57980a0.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
NRT57-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AWASAV1TJawXks8AEDt7OFXGtc8AAAGMRr9ZKw
cache-control
no-cache
content-length
0
x-amz-cf-id
k10yinnRN6rp8BzK_BT67UU9CydjYzxFR3LqKjaxGtRyxXygqRuKfg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 4680 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTljOWZhZmItYjYxZi0yYWZlLWNmYmItZjRjYjA1NGFkYzI3
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4680
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEK6w-hqhRh6QQrGBpVvM87Q&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEK6w-hqhRh6QQrGBpVvM87Q&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEK6w-hqhRh6QQrGBpVvM87Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame 3CDD
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/bgd/1525516/72173819/xbbe/creative/adj?p=APEucNVxb0Inxa-pdiAUZ3uI4Uslwmul_yp1zp8gP0BCIi2k274p0Ho&d=CokBAKAmf-AdcftcZmddB1x4WQ0VvZGDlV0Ax049KrCuwhgsUjDlnaBC0qFAID3...
  • https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVxb0Inxa-pdiAUZ3uI4Uslwmul_yp1zp8gP0BCIi2k274p0Ho&d=CokBAKAmf-AdcftcZmddB1x4WQ0VvZGDlV0Ax049KrCuwhgsUjDlnaBC0qFAID3DNXsoXy7kJqYVwOeGiKAyYskMw...
53 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVxb0Inxa-pdiAUZ3uI4Uslwmul_yp1zp8gP0BCIi2k274p0Ho&d=CokBAKAmf-AdcftcZmddB1x4WQ0VvZGDlV0Ax049KrCuwhgsUjDlnaBC0qFAID3DNXsoXy7kJqYVwOeGiKAyYskMwwM6Wdgyyw5aDkqCbIBuvJTkoTAdm1Swd9vOi-e3MD-AI_Xhk_JpiA2SOVt4Oy3Sq9SHpIGdYaeAKR4BaaY_SMDW35IZZIRdtHUSyRUAoCZ_4HMV7QBc1otR3C1HmCBWkh9ThUf6BsVZ-fZGs0pfsW4q8gUMg4y1PVUHor6PftKkXkMQuGD10m8s1rkH1sfavOWdCi4nHz4jqUOly0zasfyKS6aVqJk_OB-SmRQRpIQ7u5Kzmoi_T3mG78QKA24p0O6NRXEgRQY0nDiZO0J5A55Hc8ekSjjLEJg8eYbv2gkLmSi5IBGScIaoRrwccPg0FZpcg923UqzKtmPL4c_gx9l_D-tbq8Rd8EqXadFs2bCrvQbLDzBczgHU2l6McfPloUsMHddSzLAPLU5LAl-lAX6xNpxeqkKC1Y7RXAxNXD2cMDLw3kvuGNH18EZFpkdcw1uXww32PJmq-9RdepA_8_-4YUK00lY8QW7dgbjeaVNd_zc9nhRXe5xxr8kfAz3i7ZUmQICUAEixTGkA7j-dpxiZjef1gFoip8kjCsNNAMJMyPbD4p0GBrlo6kceP0rhVhuEvudZWDxGRw8seAEHz05VXuynjKElMlqgHndpv6nOsxjXf71jwybglU3tvAsoYw1yKfWb-PoEWw1j0Z5lgNLcCEorS2HbRsKItGFroFK9DOZ-X6vWXfKeTMDtWl4_WjVDroBpnLhP3i998ih3Qd612E_LzF99v2rwhHB5WatLJKHqzCLsCbnK71eHXe_yR5BIMjVmtxMjy70ZT_GPLlE-fvmTH_uLY7XGQ52riKGl_I09JAzFGrJHGnLNjDhQvZRR0r-zm9mfJaQpQH2D2qqrdxSbxwiEKuE-yywkQa7mMStMB0f7qPQU4Cz9jgWbVRnNIomMoj7GRh8OuXQ1zpZ8nyiHg97S_ilAdslhOTkErJZncZ4ZlwDMdO83-75UcssZNczAqQyCVec5qMdIfkeXVlVh2PbOlyqLUwwwQBvEMiRNCeV5kz7Rm7b6ov8ZvrTKFlALZn-fR6y7wuYP4uU4TnDlYPVo11czN8qH4PF-EiZ5USVR0N1gntfpRQusmEUGiJrgEZBbAUAfEBWD_G-5Vt2wzH-_2sq4Vuw84PLjbdepEksZ_fdUQlN29AAKEztkvzK0fLwy188lFebAVo-Hvi48bRHex-0Ta6GGVGRpaxaCcnGP_bKETPeImT2MpffTz1Tay6nEPnIQNW5RW0DvRzTZiNv27fDw07tI3AvyYsWLklDa0aQvuWt8xTz-fi0FoHb0e4nRTrmR4i2Es74JXR_cBq5KXvvPWXh56ocmVpjt14eB11WIJKc0NfZaoFe06xswJROpNLE7-mWPUnT-c8rvUMJ7T0t0_YAA9YOUD_qidCL28WvCeDnGmqVTSn2f3neCRqZ6D0u3Vtcuuwa_SkTeSMTG40ePyZvrptSvuneMknnT8uAhr7QXjqdP2pkuaNPID93uiWm08EHhrPQcmhnhpce2kI2sZ5NwYn-SD6myftO9KgcShcWPpyYH-RDeOjXmpFZmfkizWbmYBksGF7lHvwwJGTm8gRKtudhxNCrzW0mdytFy7skcV7jITdT884sFXKacstTyFasMFUtACijnAmDeYvgsmgc_LxqHWC1cAhmTKZ2u87bLAYtqjehNl3uoLg1q2iS6b2i21Ysm4fmYK5igLDlfAKzI2HfHdK7FMzxrMJY-fR_VUZ2sXFUDyiDd5zZZ2ttKtST3A_fVyqa5tOovwn1xETjH3oBU5xjXXAuY2g99EdyK08b9B4CPeO_xwmRJtkqmSztOCkuxS5aPNaBAhiOxBJ9zyp2eQhipNH4Dua_I1ypZBp1dzBAlA2dhSPUriWPy1KOyxpCqIKuqc5Mfp9OHv1CnC86d1oE4GZUO-uGdf02SY48KIDzRcMw24u-J7b2tqtHBtzTnhIfOBoJDS7XeU4wRny21AAh-GGvwte9w6sZN4K-uDz2iZJQ-mvp8x6tNsvFrbKeU4jrS2A4uwUFroeX6RB1sT9yYdkwqzjcMlzgtyvlGX9R1RNxu8ABN2ed4knaD1i0OFNF57lTNGSFJMED_VnPxQ-PvmStiPmjem6p8MWv5ptnWLAm5mzzHhdkXkVbTYoRcZg4dCHYQNvfFY3YYehqd67pleQCz62D8T65Rs-makazkYlR9lbAaHYHCIg2Da1CnxATYQ_drCORzd8YV1VI7_jPxWABwusu_d6Ln1STMihO05J4vbTY_8gb8wyvTUqpmTUWROcHr5emzRgCtfOqK-nu417H2TZoVVGMoVz-l9OhiZigOwZ6aGpeM2-_bd5mqjvXOaDYE2qVJS60sG2qqL6cpyS8hqaBXRXO8syW8lL2SzYPuL-6OXTWIBLaoFZw3sSiiJypkAiyl1npl1rNalvl7vOvaA9r3qUhD14oOHNwJtZCEBkHifwB34J6jqNJebptrFffHBu4nzonJB-cRyezeP6PJjkp8W6bE3OUpGHewdFUPFy50L6mEaOyxEmDJfPuq6Hkl-3JplzKjbHHyhr-Rp-Ex7lHT2L8-YbKyW4gn7U523cyioi208C0rhvwoubh3BtKBTLmlZMyJRQkUMVYHh1lUmzD4os9P1_feAylOdxMDxa0OO0shkvrrVFbIVJMemCCfuFpsBdQgaVYf0bBQa2VrclHYGZHNE5fbW7kprvUTgyjZM1mnlgrKs61XKfZ2dUMBVn5DRFp_OZLtqebfxQ2_qQREmYKYsD6IEBuy-yZdxIaBch1pUgYAmjkVKSQtOHBPtP132kt2Kx0sKAZ9ud_CzFWT_DYngrJ_0vqOzSZC3zvSBTLq4Tyu4dCOqlG10kODSy_X_lq2Qu1iUnypDyoGssiPdxW4_KxWcvzlhKU0g_uAN_V9DhPMwa9cxwy-GwWF6jHD1Ed5810m2l8X6McqlKbT7KLRav0uefk2jDuIUX28T70VW4qRT1sEWe7SA0j3V75kILS3flv9rmEvJw1whQww8o12T4EIYfimZg5A2HeIIoVrwI3V3QpJ3oONUKXQu542svLPBYao40AA_I4lz8mtiGbFj3ciuU8Z-JlzHaEg40WKUvZyzE-41m8BE-BU8y2W13eNcJjy83XJ0GOscxx2pf6hNzwYHS5kK8nJ47OYhum6yYf810sRPauzLFUJS8D_gO3uvdNH1znHTj3djwo-oki7BdYGpIimVWAriLtAc1sQtyoEqMo0Z91KKlEkW63CXwLBb1cLvskl1vjecx9MCMhLbwcFOze13TswDRb3_pTOnsEXOlyaFsZ4JC_9aS0d6NsqcEZgdg6G5i4y8PrKcFVMBTo5FhOXGzRYgB9TyMaRunZzN5sVhOaS1WDLPkC2-GnB8oXZ0ph1AM7t5c9OLswH0QHdIeOB13-wd1nG7oqbGEDBtmjUojLvx3hDNRSanu091mN2u_GePRfqliCeY9coHEXQQ058NEDoRqSaekuNmqztykJiVA4d8Gs6dMwiO8hJoV2a01-2s7Sm7lzXZA4oPFRDTmH9T9YxVSRj2tJOy87goXanozqVPUnRp2X2bhYMGsFWKcaqDTSY5D6s6E_ah53FifeciQeiG03yCsqDFpFFmFSnco_dAaTtW52Kmli9jlqhYJKDHHznlVn69htVJPzV9hBsdj24CzMknkrTZ_Fze2kNFmXn0qZRlBkjT1q1d4SL4ktokyUztLONELMCYBbrLY5YUM3j8ODfnSnQ9LdYxshfNzLN71r8fS4BKGbIRRDGiv_MXF7BBTHoxyqYajPm4utV0wvJGlQIBBJOAMgJpo3ywGHCnmk9gYUVsiyDOfA9ele17NUUjYb_P6gdWN88cuWCB9rsqoAc1OwhvT7gIPQXSg1PHOSvsiy9g7YKEjtQZeeOo4mVYebhGAFgAQ&cry=1&bundleId=
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
64.233.187.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
tj-in-f157.1e100.net
Software
cafe /
Resource Hash
6ee10af34850660e0e2c5405b21071347e3dcb8da60f0060281e6ff013238a79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:34 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21553
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:34 GMT
server
nginx
x-server-name
app02.jp.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVxb0Inxa-pdiAUZ3uI4Uslwmul_yp1zp8gP0BCIi2k274p0Ho&d=CokBAKAmf-AdcftcZmddB1x4WQ0VvZGDlV0Ax049KrCuwhgsUjDlnaBC0qFAID3DNXsoXy7kJqYVwOeGiKAyYskMwwM6Wdgyyw5aDkqCbIBuvJTkoTAdm1Swd9vOi-e3MD-AI_Xhk_JpiA2SOVt4Oy3Sq9SHpIGdYaeAKR4BaaY_SMDW35IZZIRdtHUSyRUAoCZ_4HMV7QBc1otR3C1HmCBWkh9ThUf6BsVZ-fZGs0pfsW4q8gUMg4y1PVUHor6PftKkXkMQuGD10m8s1rkH1sfavOWdCi4nHz4jqUOly0zasfyKS6aVqJk_OB-SmRQRpIQ7u5Kzmoi_T3mG78QKA24p0O6NRXEgRQY0nDiZO0J5A55Hc8ekSjjLEJg8eYbv2gkLmSi5IBGScIaoRrwccPg0FZpcg923UqzKtmPL4c_gx9l_D-tbq8Rd8EqXadFs2bCrvQbLDzBczgHU2l6McfPloUsMHddSzLAPLU5LAl-lAX6xNpxeqkKC1Y7RXAxNXD2cMDLw3kvuGNH18EZFpkdcw1uXww32PJmq-9RdepA_8_-4YUK00lY8QW7dgbjeaVNd_zc9nhRXe5xxr8kfAz3i7ZUmQICUAEixTGkA7j-dpxiZjef1gFoip8kjCsNNAMJMyPbD4p0GBrlo6kceP0rhVhuEvudZWDxGRw8seAEHz05VXuynjKElMlqgHndpv6nOsxjXf71jwybglU3tvAsoYw1yKfWb-PoEWw1j0Z5lgNLcCEorS2HbRsKItGFroFK9DOZ-X6vWXfKeTMDtWl4_WjVDroBpnLhP3i998ih3Qd612E_LzF99v2rwhHB5WatLJKHqzCLsCbnK71eHXe_yR5BIMjVmtxMjy70ZT_GPLlE-fvmTH_uLY7XGQ52riKGl_I09JAzFGrJHGnLNjDhQvZRR0r-zm9mfJaQpQH2D2qqrdxSbxwiEKuE-yywkQa7mMStMB0f7qPQU4Cz9jgWbVRnNIomMoj7GRh8OuXQ1zpZ8nyiHg97S_ilAdslhOTkErJZncZ4ZlwDMdO83-75UcssZNczAqQyCVec5qMdIfkeXVlVh2PbOlyqLUwwwQBvEMiRNCeV5kz7Rm7b6ov8ZvrTKFlALZn-fR6y7wuYP4uU4TnDlYPVo11czN8qH4PF-EiZ5USVR0N1gntfpRQusmEUGiJrgEZBbAUAfEBWD_G-5Vt2wzH-_2sq4Vuw84PLjbdepEksZ_fdUQlN29AAKEztkvzK0fLwy188lFebAVo-Hvi48bRHex-0Ta6GGVGRpaxaCcnGP_bKETPeImT2MpffTz1Tay6nEPnIQNW5RW0DvRzTZiNv27fDw07tI3AvyYsWLklDa0aQvuWt8xTz-fi0FoHb0e4nRTrmR4i2Es74JXR_cBq5KXvvPWXh56ocmVpjt14eB11WIJKc0NfZaoFe06xswJROpNLE7-mWPUnT-c8rvUMJ7T0t0_YAA9YOUD_qidCL28WvCeDnGmqVTSn2f3neCRqZ6D0u3Vtcuuwa_SkTeSMTG40ePyZvrptSvuneMknnT8uAhr7QXjqdP2pkuaNPID93uiWm08EHhrPQcmhnhpce2kI2sZ5NwYn-SD6myftO9KgcShcWPpyYH-RDeOjXmpFZmfkizWbmYBksGF7lHvwwJGTm8gRKtudhxNCrzW0mdytFy7skcV7jITdT884sFXKacstTyFasMFUtACijnAmDeYvgsmgc_LxqHWC1cAhmTKZ2u87bLAYtqjehNl3uoLg1q2iS6b2i21Ysm4fmYK5igLDlfAKzI2HfHdK7FMzxrMJY-fR_VUZ2sXFUDyiDd5zZZ2ttKtST3A_fVyqa5tOovwn1xETjH3oBU5xjXXAuY2g99EdyK08b9B4CPeO_xwmRJtkqmSztOCkuxS5aPNaBAhiOxBJ9zyp2eQhipNH4Dua_I1ypZBp1dzBAlA2dhSPUriWPy1KOyxpCqIKuqc5Mfp9OHv1CnC86d1oE4GZUO-uGdf02SY48KIDzRcMw24u-J7b2tqtHBtzTnhIfOBoJDS7XeU4wRny21AAh-GGvwte9w6sZN4K-uDz2iZJQ-mvp8x6tNsvFrbKeU4jrS2A4uwUFroeX6RB1sT9yYdkwqzjcMlzgtyvlGX9R1RNxu8ABN2ed4knaD1i0OFNF57lTNGSFJMED_VnPxQ-PvmStiPmjem6p8MWv5ptnWLAm5mzzHhdkXkVbTYoRcZg4dCHYQNvfFY3YYehqd67pleQCz62D8T65Rs-makazkYlR9lbAaHYHCIg2Da1CnxATYQ_drCORzd8YV1VI7_jPxWABwusu_d6Ln1STMihO05J4vbTY_8gb8wyvTUqpmTUWROcHr5emzRgCtfOqK-nu417H2TZoVVGMoVz-l9OhiZigOwZ6aGpeM2-_bd5mqjvXOaDYE2qVJS60sG2qqL6cpyS8hqaBXRXO8syW8lL2SzYPuL-6OXTWIBLaoFZw3sSiiJypkAiyl1npl1rNalvl7vOvaA9r3qUhD14oOHNwJtZCEBkHifwB34J6jqNJebptrFffHBu4nzonJB-cRyezeP6PJjkp8W6bE3OUpGHewdFUPFy50L6mEaOyxEmDJfPuq6Hkl-3JplzKjbHHyhr-Rp-Ex7lHT2L8-YbKyW4gn7U523cyioi208C0rhvwoubh3BtKBTLmlZMyJRQkUMVYHh1lUmzD4os9P1_feAylOdxMDxa0OO0shkvrrVFbIVJMemCCfuFpsBdQgaVYf0bBQa2VrclHYGZHNE5fbW7kprvUTgyjZM1mnlgrKs61XKfZ2dUMBVn5DRFp_OZLtqebfxQ2_qQREmYKYsD6IEBuy-yZdxIaBch1pUgYAmjkVKSQtOHBPtP132kt2Kx0sKAZ9ud_CzFWT_DYngrJ_0vqOzSZC3zvSBTLq4Tyu4dCOqlG10kODSy_X_lq2Qu1iUnypDyoGssiPdxW4_KxWcvzlhKU0g_uAN_V9DhPMwa9cxwy-GwWF6jHD1Ed5810m2l8X6McqlKbT7KLRav0uefk2jDuIUX28T70VW4qRT1sEWe7SA0j3V75kILS3flv9rmEvJw1whQww8o12T4EIYfimZg5A2HeIIoVrwI3V3QpJ3oONUKXQu542svLPBYao40AA_I4lz8mtiGbFj3ciuU8Z-JlzHaEg40WKUvZyzE-41m8BE-BU8y2W13eNcJjy83XJ0GOscxx2pf6hNzwYHS5kK8nJ47OYhum6yYf810sRPauzLFUJS8D_gO3uvdNH1znHTj3djwo-oki7BdYGpIimVWAriLtAc1sQtyoEqMo0Z91KKlEkW63CXwLBb1cLvskl1vjecx9MCMhLbwcFOze13TswDRb3_pTOnsEXOlyaFsZ4JC_9aS0d6NsqcEZgdg6G5i4y8PrKcFVMBTo5FhOXGzRYgB9TyMaRunZzN5sVhOaS1WDLPkC2-GnB8oXZ0ph1AM7t5c9OLswH0QHdIeOB13-wd1nG7oqbGEDBtmjUojLvx3hDNRSanu091mN2u_GePRfqliCeY9coHEXQQ058NEDoRqSaekuNmqztykJiVA4d8Gs6dMwiO8hJoV2a01-2s7Sm7lzXZA4oPFRDTmH9T9YxVSRj2tJOy87goXanozqVPUnRp2X2bhYMGsFWKcaqDTSY5D6s6E_ah53FifeciQeiG03yCsqDFpFFmFSnco_dAaTtW52Kmli9jlqhYJKDHHznlVn69htVJPzV9hBsdj24CzMknkrTZ_Fze2kNFmXn0qZRlBkjT1q1d4SL4ktokyUztLONELMCYBbrLY5YUM3j8ODfnSnQ9LdYxshfNzLN71r8fS4BKGbIRRDGiv_MXF7BBTHoxyqYajPm4utV0wvJGlQIBBJOAMgJpo3ywGHCnmk9gYUVsiyDOfA9ele17NUUjYb_P6gdWN88cuWCB9rsqoAc1OwhvT7gIPQXSg1PHOSvsiy9g7YKEjtQZeeOo4mVYebhGAFgAQ&cry=1&bundleId=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 9C10 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.203.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-203-45.lax3.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 14:36:21 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 bd41592b95ad3186fbc9028c3311be92.cloudfront.net (CloudFront)
x-amz-cf-pop
LAX3-C3
age
12130213
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
CvKdEKP1TLakZkrwthDvYSdt7cRTgtTOt3BWIwcZBcf7MMCbT_-I8w==
Preset.js
ad.holmesmind.com/adserver/ Frame 3D09 		1 KB
673 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 08 Dec 2023 00:06:34 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame 3D09 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-44.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Fri, 08 Dec 2023 00:05:42 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
53
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
wsodOpsupCe80aT-o_au3BG-r3U1b3ztl6XEFVy3GPMRMyZTQG0Ziw==
Preset.js
ad.holmesmind.com/adserver/ Frame 3210 		7 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14209
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
cd1a1c2e4f6310a0fd024f0741f9adb892f52778f8091e55d1b0db68d8fc97f9

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 08 Dec 2023 00:06:34 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame 3210 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-44.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Fri, 08 Dec 2023 00:06:34 GMT
via
1.1 2e231341de86384b8185d321eaa7acd2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
53
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
pDTlzxEGfI1ZLt5V3hSAH3owAtyG12YE1DmdKqg4z_dqputsyHC36g==
cm
c.holmesmind.com/ Frame 14D4 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:35 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8
fp
cm-dev-poc.holmesmind.com/ Frame 14D4 		0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.231.14.23 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-231-14-23.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:34 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
google
m.holmesmind.com/ml/ Frame 14D4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEN5HWQ_fjoRMl9aKdPhDCrA&google_cver=1
0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEN5HWQ_fjoRMl9aKdPhDCrA&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:34 GMT
age
0
x-guploader-uploadid
ABPtcPr5BAswYDBOJaBCQuwxENnr9AeWK3x1ldVrGKQw7O36yVegIxLz9PevGeILXI1p7_7Sp9MPhhcykvSWdtN9HwUx-g
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Fri, 08 Dec 2023 01:06:34 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEN5HWQ_fjoRMl9aKdPhDCrA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
328
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 47C7 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1180f874b584083b79efaa927508773cf992ba632d1ee5392d002e64926b7cb7

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame 3CDD 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525516&asId=5bf627fb-b17b-1649-df4f-8c5b32ed3ffe&tv=%7Bc:wc6PwN,pingTime:-3,time:390,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:79%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:390,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:79,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B380~0%5D,as:%5B380~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXNLlHh+11%7C12%7C13%7C14*.1525516-72173819%7C141%7C15%7C16%7C17%7C1811%7C1812%7C182%7C191%7C192%7C1a,idMap:14*,rmeas:1,rend:0,renddet:IMG.us,siq:81%7D&br=c
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.233.91.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-233-91-192.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:35 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 3CDD 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525516&asId=5bf627fb-b17b-1649-df4f-8c5b32ed3ffe&tv=%7Bc:wc6PwQ,pingTime:-6,time:393,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:393,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:79,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B382~0%5D,as:%5B382~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXNLlHh+11%7C12%7C13%7C14*.1525516-72173819%7C141%7C15%7C16%7C17%7C1811%7C1812%7C182%7C191%7C192%7C1a,idMap:14*,rmeas:1,rend:0,renddet:IMG.us,siq:81%7D&tpiLookup=ao:reurl.cc*&br=c
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.233.91.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-233-91-192.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:35 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
adview
securepubads.g.doubleclick.net/pagead/ Frame 6F78 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CO41pCF5yZZn7FLSrpt8Py-yqaNX2sNJ0ttOzkY8S9-GivcABEAEg0syBGmCJ88WE9BOgAY_VqcUCyAECqQJSrNkm5-49PuACAKgDAcgDCKoEtQJP0N2-es2ZyTHQz6dRq_NcLoE4Dn9pwWbbBELpQXI8DFeYXYUpt1REWQWMfTCo3PptX9ggQ_kRyTzp3UH0HUvPiezBCuwZCAPqKssJqBg9FT7PFuLi3L2nGGmeMbX7iAdAO2WSZpIOY08a4dNbN8OLdw_hM_jxrTX7T6A1jOrVDaJNG93d5WV8eD64fqwaZ9J5Oqaha5LSrOGG-6vGHwCho6A-61a81d4s9nPh1ZaS5819zBcmM0NVO7m0ZsAEuENZMkIDjKoKnT3OaAfamf2G6gWyQut-7TsKMkusfu3bhWwd5k4phQ3izJpeGCFkgghZmo3DFLrI8h6cnQMNMzuId-co8X4FjcHJah0LrTFD8tmriU5KBSoq92OvlHJAmAnPEvWYYJuOFL-8cAb8jwJyF2fOK_XABJKSmM6yBOAEAYgFu9-59kuSBQQIBBgBkgUECAUYBKAGAoAH2arWugGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDFsgPSCB0IgGEQARgdMgKKAjoCgEBIvf3BOlimucnaxf6CA5oJSmh0dHBzOi8vd3d3Lm9pc2l4LmNvbS9zYy9nZG5fYnJfbW9zMDM_Y2FtcGFpZ25pZD0yMDM4MTA2OTI0MyZnY2xpZD17Z2NsaWR9gAoDyAsBogwQKg4KDOS0sQLutbECtbixAtoMEQoLEICmmo3wnoK5lgESAgED4g0TCOD1ydrF_oIDFbSV6QUdS7YKDdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi00MTI2NTU0Nzc5MzkzOTg2GOLMGQ&sigh=f4sOBFZ86P8&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgDICaaNftU_5GuavmKMeYa_4e6EsZ_4ByMO3HZjlIUMDgsy7Co9l0H7oj6TaqIv587T-i9THYJ-yUCgltvkLJOD0RhzDTvadYLneh_hJhgB&cbvp=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ Frame 3CDD 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525516&asId=5bf627fb-b17b-1649-df4f-8c5b32ed3ffe&tv=%7Bc:wc6Pyf,pingTime:-2,time:480,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1570,beZ:1572,mfA:1577,cmA:1579,inA:1579,inZ:1588,prA:1589,prZ:1642,si:1650,poA:1654,poZ:1736,cmZ:1736,mfZ:1736,loA:1963,loZ:1967,ltA:2049,ltZ:2050%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:79%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:480,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:79,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B469~0%5D,as:%5B469~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tXNLlHh+11%7C12%7C13%7C14*.1525516-72173819%7C141%7C15%7C16%7C17%7C1811%7C1812%7C182%7C191%7C192%7C1a,idMap:14*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:0,renddet:IMG.us,siq:81,sinceFw:395,readyFired:false%7D&br=c
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.233.91.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-233-91-192.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:35 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
adview
securepubads.g.doubleclick.net/pagead/ Frame 570F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CXUkgCF5yZZr7FLSrpt8Py-yqaNX2sNJ0ttOzkY8S9-GivcABEAEg0syBGmCJ88WE9BOgAY_VqcUCyAECqQJSrNkm5-49PuACAKgDAcgDCKoEtQJP0M9P2x3rS5xjoh5hFrgW1PDq5EACZVo7qVsxxj65Z8G8-tZKd4Oo0ZjDvfzWDbNFWsa2SQU4eMR-8L5ieW1EJeJt60S1u8nQXrPOC8kEeiIxl-MIyLtF9hszs6LbQPSTLjZ4Hd944Vtwz91ih6V6lU97TQDR7cDUUhXcxndUE5TOzpzUpaIo4jilHhFkWOLfM-hiJDs8lHO01tJwtgD7-IuscoW65hzN3KrgyCS1DY0bgoc9yNDNDg234vRgLRZYacl2PbQ349T2h7GtyXB7o3dXOSPumgMk36gdKl3FJWJpliHoV4fqh18CWD_CxgY0ALUruWkn4PGau0G-PzWzykOwEZHspiCzdP67zoJEsMsMPU98p0TBbrldmgG_fSZoGm-w-5A5ohy5IhIXKWdmSkVCuZPABJKSmM6yBOAEAYgFu9-59kuSBQQIBBgBkgUECAUYBKAGAoAH2arWugGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDrpQTSCB0IgGEQARgdMgKKAjoCgEBIvf3BOlimucnaxf6CA5oJSmh0dHBzOi8vd3d3Lm9pc2l4LmNvbS9zYy9nZG5fYnJfbW9zMDM_Y2FtcGFpZ25pZD0yMDM4MTA2OTI0MyZnY2xpZD17Z2NsaWR9gAoDyAsBogwQKg4KDOS0sQLutbECtbixAtoMEQoLEJCWxLST8rCEngESAgED4g0TCOH1ydrF_oIDFbSV6QUdS7YKDdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi00MTI2NTU0Nzc5MzkzOTg2GOLMGQ&sigh=zf-WeF0mEcw&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgDICaaNftU_5GuavmKMeYa_4e6EsZ_4ByMO3HZjlIUMDgsy7Co9l0H7oj6TaqIv587T-i9THYJ-yUCgltvkLJOD0RhzDTvadYLneh_hJhgB&cbvp=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame AA4F 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
17953
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 19:07:21 GMT
expires
Fri, 06 Dec 2024 19:07:21 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
fbevents.js
connect.facebook.net/en_US/ Frame 050A 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 08 Dec 2023 00:06:34 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
kCAC9QdF0XWPhE16JQiIHIpr6syighlbAKuhvetuseO5mUJJ7tO1v7cHJqu2+ZmK+h/uqHPLcFuhcm6txdQ4kg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
font
fonts.gstatic.com/l/ Frame 47C7 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqQ0HdVttghVZ0mgdShge1b3SIf813nzkTMrL-R04_PbZihUCLtl1znH77qqDrp-3BC-6gpGB4zDFJFg8MQ5qahTJAhmbh56jrN_Xll7fR_9Q7MtP4Iqo8Fz55oWSZSC8F-nNpP277xPX0gnWlAajdnhtMClqtLOdXKrtVtdLyYSdsQgJNvp3NpCEMmMzqfv2xAitdAm47p1WOHw4zpJkPfLUxNe0Wd2CEtUMqyHFCGWoXYL2i4_UbBqJAAkVo0I3s3imuKdr8e6igGK_CcwiHotZRy49UPIni1oDN0AEjrZ4MH_XNGaR20smBJ9JpZngHXr2TpKIzXtuIw_rR8niDLRlsMXNPYhXSmso4OwbGPuT0Rjvn7JyEGjStc0Q&skey=72472b0eb8793570&v=v52
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E5%AE%87%E7%9B%AE%E3%82%B70%E9%81%93%E4%B8%8B%E3%83%AD%E3%83%89%E7%94%B0%E3%81%A11%E3%83%94%E9%9D%92%E6%96%99%E3%82%B0%E3%81%8FF4%E6%99%82%E3%83%90%E7%8E%84%E3%81%8B%E8%BF%BD%E3%82%AC%E3%81%B6%E3%83%97%E3%83%A9eS%E6%B1%9F%E7%90%83A%E6%9D%B1%E3%83%83%E4%BA%AC%E5%86%86%E6%B5%B7%E3%81%97%EF%BC%90%E3%83%8D%E3%83%BCW%EF%BC%9F%E6%B8%8B%E3%83%86%E2%88%92%E3%83%80d%E9%96%8B%E9%9D%A2%EF%BC%91Y%E8%A1%97%E5%B7%9DO%E3%83%95%E5%9E%8B%E3%83%A7%E9%9D%9E%20D%E3%82%A32%E5%88%86%E5%8A%A0%E4%B8%81%E9%87%91%E7%94%BA%E3%83%AC%E3%82%A4%E3%82%B6%EF%BC%92%E3%82%BA%E3%83%88%EF%BD%9E%E3%83%B3N%E5%8C%BA%E8%B0%B7%E3%83%A1%E3%81%AE%E5%9C%B0%E8%96%84%E5%9D%82
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f3.1e100.net
Software
ESF /
Resource Hash
8cd64e9cb7c303f18ae1c7b934c936ad14edecfb11851b0c0a9ae4f902b1e41f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 22:02:53 GMT
x-content-type-options
nosniff
age
7421
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36960
x-xss-protection
0
last-modified
Tue, 02 May 2023 23:59:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Thu, 07 Dec 2023 22:02:53 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 47C7 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f3.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 09:32:29 GMT
x-content-type-options
nosniff
age
484445
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Dec 2024 09:32:29 GMT
/
t.ssp.hinet.net/ Frame 050A 		37 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
25ecb881012fe685fd29e52466d2641682e217f11cc407893818a2a585967f98
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:34 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
4249
ads.everesttech.net/ads/mts/24650/ Frame 3CDD 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.everesttech.net/ads/mts/24650/4249?DFA_Click_Tracker=^(t_cq_ue_https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsuHGxq2oUM45kaLbNQyJYs8nZ5l5hCE-25KOo7AHc97uWV0ZNu_bXDcibtWUUV-E9pBXK4WW1hmKaGLi3wENrwdv-HTNEJD-vEwcDLkFvgJsG3FgJ6vw36xBoN3OTZIy1ZuingUAhaLe8XRIs-tmAgK8_GRUc4LVyM-25X98sBjQ7Oh1vAogwBJl4KG5PYOYC8_Gd8slHMP2Wsis3dz5UrVWQuk3S5lrh5Scz_q3cproywWNQraPaIH0-8rQBaoqA9uQ2YEdG5YbKDBHfuMCcfIRXT1Qs2tgztXNpYmLXuqYXvGTOhFXjy8Lt7AtoVcpCmPmMEahANGFOAnPjiu8J25e-P4TLt4Iel8ZWZjFu7I1WDHBJxmxNgjLC2kWDpeQ3kTDKRUNNvJ2csktvuGpowUQloIPBLNxF5FKbvdrQaBc2nqcg9rA-btm6bXRfUU99O4FdvdqwYrw5Nt3TdUuld3oC8v7JQ1m3eLvCHrXUTzv2QYqdLxnELffaX8vZdSCil1BnDxJudssFHhS1f3nXHlyENufTxQ-SGkqXivDOvKekJ1shHyngmu3UMWCBpub5XF0LWpTd67MdPIxhU9SJ28WpjLfF0EwbUA5pTnI3d6Y8kSp4lerDMy9vvNO6XwTdJgK1vKF4__lIWyiPVZ2wLSeDPq5-dqo_ottZo0LENbciNcifvaOsTHXIrFBYFeKeDfCNU_vrf1b6JPKCW778fSwTV0CuUeMTnMNJM4rV3WrRPB_FWZh6zLtF1VaSPQqdgp6tCGQ1ylwaT-vIjMsYQUcZkAaaPzOEuVRYXmlkFkbveFyraVZjq2INLj8olm0KPNf0Bun-2dr4AtL-nTi8DJDgwfN592FfyYYoQnf7l3IMGgNd9gLlII0QEmOqsorQYgQrYiMK4LzlZwUHxwbu8oiJ2_v5b5_676ejJzqlQQxUYRrS1yjpmb9P2RHIxEctKzHnXmE1M9pmACBxk5lQL54HpljL1QxzCRHw_4ZasSBEam-33lamhOe91XQMUVMs_soZV3Fxkb6zxcMqSjAsEUgcATJVgtVzN2-Eux-6sB6xbE6Qh76MhsmbG3gJkqPqLpMcSHID3V7Z6jtJ2VsYFSkNLoRjzfoZlQCMoGivIxd_rIO_jXbCaXI9A-NVe6fAQ9JBwZFKqDW9wM25CrVvmkVjDkCpeUJinsrDLOT7gvz-IV9pXmCdILlsQScEiaTV_aFvIQa69H18cMACz9AD-EXlt2WWgYNVcgy5pAo7Wnl4Ko4Pl8sOvK7JrMTYqp3v6-m4NBRpRkvwmi3dmSyM8t3kDpdesp6-hz60X-6kHqWLI_HLlXLUqhpJU2XordViT86FoEVrz249_3LYonpWEoEF3VgaCl9Wc29TLjI-EgQ4OtQIuKWwxf1BWa4xQ&sai=AMfl-YRQO8b2VL7FBFqqfklTlst0acigjE7d9rFYT_ffgtKA1HidSWKs2cTMKJGNzDn2_1qqLp5R8YxO4DpL3IWIyfOFvpZEn98ffu3jxKsSE1eNa2n1vJuvDn0xmATg9x12b-NH6q4huh6VAXx_w9xLKL8_3aPLHVab0LqZULU3MUJ5deroNVH8E3JF1AuXotitv2lFV0NzVKkfChOdtJ47Lz4PZExNBWpeVkbM8k99PZq4P-o0YIwOaIei733WcuXkMyHvZs_8_tGwu7Js1jyN9Lknj10f8Ku7AO6Lnn-leYOEiFLO4bE&sig=Cg0ArKJSzA1un5ihX7OTEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=_ue_cq)&DFA_BuyId=30056896&DFA_PlacementId=369312118&DFA_AdId=560370865&DFA_CreativeId=168169384&DFA_SiteId=6958819&TC_1=cmmiil1qng4&TC_2=30056896&TC_3=369312118&TC_4=168169384&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30056896$dcmadid|560370865$dcmrenderingid|168255087$dcmsiteid|6958819$dcmplacementid|369312118$customer|Microsoft$dv360auctionid|ct=JP&st=&city=8683&dma=0&zp=&bw=4&DCM_PlacementID=369312118
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525516/72173819/xbbe/creative/adj?p=APEucNVxb0Inxa-pdiAUZ3uI4Uslwmul_yp1zp8gP0BCIi2k274p0Ho&d=CokBAKAmf-AdcftcZmddB1x4WQ0VvZGDlV0Ax049KrCuwhgsUjDlnaBC0qFAID3DNXsoXy7kJqYVwOeGiKAyYskMwwM6Wdgyyw5aDkqCbIBuvJTkoTAdm1Swd9vOi-e3MD-AI_Xhk_JpiA2SOVt4Oy3Sq9SHpIGdYaeAKR4BaaY_SMDW35IZZIRdtHUSyRUAoCZ_4HMV7QBc1otR3C1HmCBWkh9ThUf6BsVZ-fZGs0pfsW4q8gUMg4y1PVUHor6PftKkXkMQuGD10m8s1rkH1sfavOWdCi4nHz4jqUOly0zasfyKS6aVqJk_OB-SmRQRpIQ7u5Kzmoi_T3mG78QKA24p0O6NRXEgRQY0nDiZO0J5A55Hc8ekSjjLEJg8eYbv2gkLmSi5IBGScIaoRrwccPg0FZpcg923UqzKtmPL4c_gx9l_D-tbq8Rd8EqXadFs2bCrvQbLDzBczgHU2l6McfPloUsMHddSzLAPLU5LAl-lAX6xNpxeqkKC1Y7RXAxNXD2cMDLw3kvuGNH18EZFpkdcw1uXww32PJmq-9RdepA_8_-4YUK00lY8QW7dgbjeaVNd_zc9nhRXe5xxr8kfAz3i7ZUmQICUAEixTGkA7j-dpxiZjef1gFoip8kjCsNNAMJMyPbD4p0GBrlo6kceP0rhVhuEvudZWDxGRw8seAEHz05VXuynjKElMlqgHndpv6nOsxjXf71jwybglU3tvAsoYw1yKfWb-PoEWw1j0Z5lgNLcCEorS2HbRsKItGFroFK9DOZ-X6vWXfKeTMDtWl4_WjVDroBpnLhP3i998ih3Qd612E_LzF99v2rwhHB5WatLJKHqzCLsCbnK71eHXe_yR5BIMjVmtxMjy70ZT_GPLlE-fvmTH_uLY7XGQ52riKGl_I09JAzFGrJHGnLNjDhQvZRR0r-zm9mfJaQpQH2D2qqrdxSbxwiEKuE-yywkQa7mMStMB0f7qPQU4Cz9jgWbVRnNIomMoj7GRh8OuXQ1zpZ8nyiHg97S_ilAdslhOTkErJZncZ4ZlwDMdO83-75UcssZNczAqQyCVec5qMdIfkeXVlVh2PbOlyqLUwwwQBvEMiRNCeV5kz7Rm7b6ov8ZvrTKFlALZn-fR6y7wuYP4uU4TnDlYPVo11czN8qH4PF-EiZ5USVR0N1gntfpRQusmEUGiJrgEZBbAUAfEBWD_G-5Vt2wzH-_2sq4Vuw84PLjbdepEksZ_fdUQlN29AAKEztkvzK0fLwy188lFebAVo-Hvi48bRHex-0Ta6GGVGRpaxaCcnGP_bKETPeImT2MpffTz1Tay6nEPnIQNW5RW0DvRzTZiNv27fDw07tI3AvyYsWLklDa0aQvuWt8xTz-fi0FoHb0e4nRTrmR4i2Es74JXR_cBq5KXvvPWXh56ocmVpjt14eB11WIJKc0NfZaoFe06xswJROpNLE7-mWPUnT-c8rvUMJ7T0t0_YAA9YOUD_qidCL28WvCeDnGmqVTSn2f3neCRqZ6D0u3Vtcuuwa_SkTeSMTG40ePyZvrptSvuneMknnT8uAhr7QXjqdP2pkuaNPID93uiWm08EHhrPQcmhnhpce2kI2sZ5NwYn-SD6myftO9KgcShcWPpyYH-RDeOjXmpFZmfkizWbmYBksGF7lHvwwJGTm8gRKtudhxNCrzW0mdytFy7skcV7jITdT884sFXKacstTyFasMFUtACijnAmDeYvgsmgc_LxqHWC1cAhmTKZ2u87bLAYtqjehNl3uoLg1q2iS6b2i21Ysm4fmYK5igLDlfAKzI2HfHdK7FMzxrMJY-fR_VUZ2sXFUDyiDd5zZZ2ttKtST3A_fVyqa5tOovwn1xETjH3oBU5xjXXAuY2g99EdyK08b9B4CPeO_xwmRJtkqmSztOCkuxS5aPNaBAhiOxBJ9zyp2eQhipNH4Dua_I1ypZBp1dzBAlA2dhSPUriWPy1KOyxpCqIKuqc5Mfp9OHv1CnC86d1oE4GZUO-uGdf02SY48KIDzRcMw24u-J7b2tqtHBtzTnhIfOBoJDS7XeU4wRny21AAh-GGvwte9w6sZN4K-uDz2iZJQ-mvp8x6tNsvFrbKeU4jrS2A4uwUFroeX6RB1sT9yYdkwqzjcMlzgtyvlGX9R1RNxu8ABN2ed4knaD1i0OFNF57lTNGSFJMED_VnPxQ-PvmStiPmjem6p8MWv5ptnWLAm5mzzHhdkXkVbTYoRcZg4dCHYQNvfFY3YYehqd67pleQCz62D8T65Rs-makazkYlR9lbAaHYHCIg2Da1CnxATYQ_drCORzd8YV1VI7_jPxWABwusu_d6Ln1STMihO05J4vbTY_8gb8wyvTUqpmTUWROcHr5emzRgCtfOqK-nu417H2TZoVVGMoVz-l9OhiZigOwZ6aGpeM2-_bd5mqjvXOaDYE2qVJS60sG2qqL6cpyS8hqaBXRXO8syW8lL2SzYPuL-6OXTWIBLaoFZw3sSiiJypkAiyl1npl1rNalvl7vOvaA9r3qUhD14oOHNwJtZCEBkHifwB34J6jqNJebptrFffHBu4nzonJB-cRyezeP6PJjkp8W6bE3OUpGHewdFUPFy50L6mEaOyxEmDJfPuq6Hkl-3JplzKjbHHyhr-Rp-Ex7lHT2L8-YbKyW4gn7U523cyioi208C0rhvwoubh3BtKBTLmlZMyJRQkUMVYHh1lUmzD4os9P1_feAylOdxMDxa0OO0shkvrrVFbIVJMemCCfuFpsBdQgaVYf0bBQa2VrclHYGZHNE5fbW7kprvUTgyjZM1mnlgrKs61XKfZ2dUMBVn5DRFp_OZLtqebfxQ2_qQREmYKYsD6IEBuy-yZdxIaBch1pUgYAmjkVKSQtOHBPtP132kt2Kx0sKAZ9ud_CzFWT_DYngrJ_0vqOzSZC3zvSBTLq4Tyu4dCOqlG10kODSy_X_lq2Qu1iUnypDyoGssiPdxW4_KxWcvzlhKU0g_uAN_V9DhPMwa9cxwy-GwWF6jHD1Ed5810m2l8X6McqlKbT7KLRav0uefk2jDuIUX28T70VW4qRT1sEWe7SA0j3V75kILS3flv9rmEvJw1whQww8o12T4EIYfimZg5A2HeIIoVrwI3V3QpJ3oONUKXQu542svLPBYao40AA_I4lz8mtiGbFj3ciuU8Z-JlzHaEg40WKUvZyzE-41m8BE-BU8y2W13eNcJjy83XJ0GOscxx2pf6hNzwYHS5kK8nJ47OYhum6yYf810sRPauzLFUJS8D_gO3uvdNH1znHTj3djwo-oki7BdYGpIimVWAriLtAc1sQtyoEqMo0Z91KKlEkW63CXwLBb1cLvskl1vjecx9MCMhLbwcFOze13TswDRb3_pTOnsEXOlyaFsZ4JC_9aS0d6NsqcEZgdg6G5i4y8PrKcFVMBTo5FhOXGzRYgB9TyMaRunZzN5sVhOaS1WDLPkC2-GnB8oXZ0ph1AM7t5c9OLswH0QHdIeOB13-wd1nG7oqbGEDBtmjUojLvx3hDNRSanu091mN2u_GePRfqliCeY9coHEXQQ058NEDoRqSaekuNmqztykJiVA4d8Gs6dMwiO8hJoV2a01-2s7Sm7lzXZA4oPFRDTmH9T9YxVSRj2tJOy87goXanozqVPUnRp2X2bhYMGsFWKcaqDTSY5D6s6E_ah53FifeciQeiG03yCsqDFpFFmFSnco_dAaTtW52Kmli9jlqhYJKDHHznlVn69htVJPzV9hBsdj24CzMknkrTZ_Fze2kNFmXn0qZRlBkjT1q1d4SL4ktokyUztLONELMCYBbrLY5YUM3j8ODfnSnQ9LdYxshfNzLN71r8fS4BKGbIRRDGiv_MXF7BBTHoxyqYajPm4utV0wvJGlQIBBJOAMgJpo3ywGHCnmk9gYUVsiyDOfA9ele17NUUjYb_P6gdWN88cuWCB9rsqoAc1OwhvT7gIPQXSg1PHOSvsiy9g7YKEjtQZeeOo4mVYebhGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013075760&ias_pubId=pub-1310852604335254&ias_chanId=1&ias_placementId=20268485269&bidurl=https://reurl.cc/gaOWLp&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g1t5kPMVtXb_bKgZBzGgeF&adsafe_url=https%3A%2F%2Freurl.cc&adsafe_type=y&adsafe_url=https%3A%2F%2Freurl.cc%2FgaOWLp&adsafe_type=e&adsafe_url=https%3A%2F%2F42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:5bf627fb-b17b-1649-df4f-8c5b32ed3ffe,c:wc6PrM,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74989cd8c9-lr9f9,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,fm:tXNLlHh+11%7C12%7C13%7C14*.1525516-72173819%7C141%7C15%7C16%7C17%7C1811%7C1812%7C182%7C191%7C192%7C1a,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:80,oid:a535af3d-955d-11ee-9557-261e33dec9b6,v:19.8.464,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.61.47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-61-47.us-west-2.compute.amazonaws.com
Software
AMO-jAds/1.1 /
Resource Hash
178c5155804036d8753c8363715bba65049c5f8e4b5dc047d1d708377ba0290a

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:35 GMT
server
AMO-jAds/1.1
p3p
NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT
content-type
text/javascript;charset=UTF-8
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
6782
expires
Fri Dec 08 00:06:35 UTC 2023
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 3CDD 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525516/72173819/xbbe/creative/adj?p=APEucNVxb0Inxa-pdiAUZ3uI4Uslwmul_yp1zp8gP0BCIi2k274p0Ho&d=CokBAKAmf-AdcftcZmddB1x4WQ0VvZGDlV0Ax049KrCuwhgsUjDlnaBC0qFAID3DNXsoXy7kJqYVwOeGiKAyYskMwwM6Wdgyyw5aDkqCbIBuvJTkoTAdm1Swd9vOi-e3MD-AI_Xhk_JpiA2SOVt4Oy3Sq9SHpIGdYaeAKR4BaaY_SMDW35IZZIRdtHUSyRUAoCZ_4HMV7QBc1otR3C1HmCBWkh9ThUf6BsVZ-fZGs0pfsW4q8gUMg4y1PVUHor6PftKkXkMQuGD10m8s1rkH1sfavOWdCi4nHz4jqUOly0zasfyKS6aVqJk_OB-SmRQRpIQ7u5Kzmoi_T3mG78QKA24p0O6NRXEgRQY0nDiZO0J5A55Hc8ekSjjLEJg8eYbv2gkLmSi5IBGScIaoRrwccPg0FZpcg923UqzKtmPL4c_gx9l_D-tbq8Rd8EqXadFs2bCrvQbLDzBczgHU2l6McfPloUsMHddSzLAPLU5LAl-lAX6xNpxeqkKC1Y7RXAxNXD2cMDLw3kvuGNH18EZFpkdcw1uXww32PJmq-9RdepA_8_-4YUK00lY8QW7dgbjeaVNd_zc9nhRXe5xxr8kfAz3i7ZUmQICUAEixTGkA7j-dpxiZjef1gFoip8kjCsNNAMJMyPbD4p0GBrlo6kceP0rhVhuEvudZWDxGRw8seAEHz05VXuynjKElMlqgHndpv6nOsxjXf71jwybglU3tvAsoYw1yKfWb-PoEWw1j0Z5lgNLcCEorS2HbRsKItGFroFK9DOZ-X6vWXfKeTMDtWl4_WjVDroBpnLhP3i998ih3Qd612E_LzF99v2rwhHB5WatLJKHqzCLsCbnK71eHXe_yR5BIMjVmtxMjy70ZT_GPLlE-fvmTH_uLY7XGQ52riKGl_I09JAzFGrJHGnLNjDhQvZRR0r-zm9mfJaQpQH2D2qqrdxSbxwiEKuE-yywkQa7mMStMB0f7qPQU4Cz9jgWbVRnNIomMoj7GRh8OuXQ1zpZ8nyiHg97S_ilAdslhOTkErJZncZ4ZlwDMdO83-75UcssZNczAqQyCVec5qMdIfkeXVlVh2PbOlyqLUwwwQBvEMiRNCeV5kz7Rm7b6ov8ZvrTKFlALZn-fR6y7wuYP4uU4TnDlYPVo11czN8qH4PF-EiZ5USVR0N1gntfpRQusmEUGiJrgEZBbAUAfEBWD_G-5Vt2wzH-_2sq4Vuw84PLjbdepEksZ_fdUQlN29AAKEztkvzK0fLwy188lFebAVo-Hvi48bRHex-0Ta6GGVGRpaxaCcnGP_bKETPeImT2MpffTz1Tay6nEPnIQNW5RW0DvRzTZiNv27fDw07tI3AvyYsWLklDa0aQvuWt8xTz-fi0FoHb0e4nRTrmR4i2Es74JXR_cBq5KXvvPWXh56ocmVpjt14eB11WIJKc0NfZaoFe06xswJROpNLE7-mWPUnT-c8rvUMJ7T0t0_YAA9YOUD_qidCL28WvCeDnGmqVTSn2f3neCRqZ6D0u3Vtcuuwa_SkTeSMTG40ePyZvrptSvuneMknnT8uAhr7QXjqdP2pkuaNPID93uiWm08EHhrPQcmhnhpce2kI2sZ5NwYn-SD6myftO9KgcShcWPpyYH-RDeOjXmpFZmfkizWbmYBksGF7lHvwwJGTm8gRKtudhxNCrzW0mdytFy7skcV7jITdT884sFXKacstTyFasMFUtACijnAmDeYvgsmgc_LxqHWC1cAhmTKZ2u87bLAYtqjehNl3uoLg1q2iS6b2i21Ysm4fmYK5igLDlfAKzI2HfHdK7FMzxrMJY-fR_VUZ2sXFUDyiDd5zZZ2ttKtST3A_fVyqa5tOovwn1xETjH3oBU5xjXXAuY2g99EdyK08b9B4CPeO_xwmRJtkqmSztOCkuxS5aPNaBAhiOxBJ9zyp2eQhipNH4Dua_I1ypZBp1dzBAlA2dhSPUriWPy1KOyxpCqIKuqc5Mfp9OHv1CnC86d1oE4GZUO-uGdf02SY48KIDzRcMw24u-J7b2tqtHBtzTnhIfOBoJDS7XeU4wRny21AAh-GGvwte9w6sZN4K-uDz2iZJQ-mvp8x6tNsvFrbKeU4jrS2A4uwUFroeX6RB1sT9yYdkwqzjcMlzgtyvlGX9R1RNxu8ABN2ed4knaD1i0OFNF57lTNGSFJMED_VnPxQ-PvmStiPmjem6p8MWv5ptnWLAm5mzzHhdkXkVbTYoRcZg4dCHYQNvfFY3YYehqd67pleQCz62D8T65Rs-makazkYlR9lbAaHYHCIg2Da1CnxATYQ_drCORzd8YV1VI7_jPxWABwusu_d6Ln1STMihO05J4vbTY_8gb8wyvTUqpmTUWROcHr5emzRgCtfOqK-nu417H2TZoVVGMoVz-l9OhiZigOwZ6aGpeM2-_bd5mqjvXOaDYE2qVJS60sG2qqL6cpyS8hqaBXRXO8syW8lL2SzYPuL-6OXTWIBLaoFZw3sSiiJypkAiyl1npl1rNalvl7vOvaA9r3qUhD14oOHNwJtZCEBkHifwB34J6jqNJebptrFffHBu4nzonJB-cRyezeP6PJjkp8W6bE3OUpGHewdFUPFy50L6mEaOyxEmDJfPuq6Hkl-3JplzKjbHHyhr-Rp-Ex7lHT2L8-YbKyW4gn7U523cyioi208C0rhvwoubh3BtKBTLmlZMyJRQkUMVYHh1lUmzD4os9P1_feAylOdxMDxa0OO0shkvrrVFbIVJMemCCfuFpsBdQgaVYf0bBQa2VrclHYGZHNE5fbW7kprvUTgyjZM1mnlgrKs61XKfZ2dUMBVn5DRFp_OZLtqebfxQ2_qQREmYKYsD6IEBuy-yZdxIaBch1pUgYAmjkVKSQtOHBPtP132kt2Kx0sKAZ9ud_CzFWT_DYngrJ_0vqOzSZC3zvSBTLq4Tyu4dCOqlG10kODSy_X_lq2Qu1iUnypDyoGssiPdxW4_KxWcvzlhKU0g_uAN_V9DhPMwa9cxwy-GwWF6jHD1Ed5810m2l8X6McqlKbT7KLRav0uefk2jDuIUX28T70VW4qRT1sEWe7SA0j3V75kILS3flv9rmEvJw1whQww8o12T4EIYfimZg5A2HeIIoVrwI3V3QpJ3oONUKXQu542svLPBYao40AA_I4lz8mtiGbFj3ciuU8Z-JlzHaEg40WKUvZyzE-41m8BE-BU8y2W13eNcJjy83XJ0GOscxx2pf6hNzwYHS5kK8nJ47OYhum6yYf810sRPauzLFUJS8D_gO3uvdNH1znHTj3djwo-oki7BdYGpIimVWAriLtAc1sQtyoEqMo0Z91KKlEkW63CXwLBb1cLvskl1vjecx9MCMhLbwcFOze13TswDRb3_pTOnsEXOlyaFsZ4JC_9aS0d6NsqcEZgdg6G5i4y8PrKcFVMBTo5FhOXGzRYgB9TyMaRunZzN5sVhOaS1WDLPkC2-GnB8oXZ0ph1AM7t5c9OLswH0QHdIeOB13-wd1nG7oqbGEDBtmjUojLvx3hDNRSanu091mN2u_GePRfqliCeY9coHEXQQ058NEDoRqSaekuNmqztykJiVA4d8Gs6dMwiO8hJoV2a01-2s7Sm7lzXZA4oPFRDTmH9T9YxVSRj2tJOy87goXanozqVPUnRp2X2bhYMGsFWKcaqDTSY5D6s6E_ah53FifeciQeiG03yCsqDFpFFmFSnco_dAaTtW52Kmli9jlqhYJKDHHznlVn69htVJPzV9hBsdj24CzMknkrTZ_Fze2kNFmXn0qZRlBkjT1q1d4SL4ktokyUztLONELMCYBbrLY5YUM3j8ODfnSnQ9LdYxshfNzLN71r8fS4BKGbIRRDGiv_MXF7BBTHoxyqYajPm4utV0wvJGlQIBBJOAMgJpo3ywGHCnmk9gYUVsiyDOfA9ele17NUUjYb_P6gdWN88cuWCB9rsqoAc1OwhvT7gIPQXSg1PHOSvsiy9g7YKEjtQZeeOo4mVYebhGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013075760&ias_pubId=pub-1310852604335254&ias_chanId=1&ias_placementId=20268485269&bidurl=https://reurl.cc/gaOWLp&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g1t5kPMVtXb_bKgZBzGgeF&adsafe_url=https%3A%2F%2Freurl.cc&adsafe_type=y&adsafe_url=https%3A%2F%2Freurl.cc%2FgaOWLp&adsafe_type=e&adsafe_url=https%3A%2F%2F42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:5bf627fb-b17b-1649-df4f-8c5b32ed3ffe,c:wc6PrM,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74989cd8c9-lr9f9,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,fm:tXNLlHh+11%7C12%7C13%7C14*.1525516-72173819%7C141%7C15%7C16%7C17%7C1811%7C1812%7C182%7C191%7C192%7C1a,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:80,oid:a535af3d-955d-11ee-9557-261e33dec9b6,v:19.8.464,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
25
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Dec 2023 00:06:09 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 3CDD 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525516/72173819/xbbe/creative/adj?p=APEucNVxb0Inxa-pdiAUZ3uI4Uslwmul_yp1zp8gP0BCIi2k274p0Ho&d=CokBAKAmf-AdcftcZmddB1x4WQ0VvZGDlV0Ax049KrCuwhgsUjDlnaBC0qFAID3DNXsoXy7kJqYVwOeGiKAyYskMwwM6Wdgyyw5aDkqCbIBuvJTkoTAdm1Swd9vOi-e3MD-AI_Xhk_JpiA2SOVt4Oy3Sq9SHpIGdYaeAKR4BaaY_SMDW35IZZIRdtHUSyRUAoCZ_4HMV7QBc1otR3C1HmCBWkh9ThUf6BsVZ-fZGs0pfsW4q8gUMg4y1PVUHor6PftKkXkMQuGD10m8s1rkH1sfavOWdCi4nHz4jqUOly0zasfyKS6aVqJk_OB-SmRQRpIQ7u5Kzmoi_T3mG78QKA24p0O6NRXEgRQY0nDiZO0J5A55Hc8ekSjjLEJg8eYbv2gkLmSi5IBGScIaoRrwccPg0FZpcg923UqzKtmPL4c_gx9l_D-tbq8Rd8EqXadFs2bCrvQbLDzBczgHU2l6McfPloUsMHddSzLAPLU5LAl-lAX6xNpxeqkKC1Y7RXAxNXD2cMDLw3kvuGNH18EZFpkdcw1uXww32PJmq-9RdepA_8_-4YUK00lY8QW7dgbjeaVNd_zc9nhRXe5xxr8kfAz3i7ZUmQICUAEixTGkA7j-dpxiZjef1gFoip8kjCsNNAMJMyPbD4p0GBrlo6kceP0rhVhuEvudZWDxGRw8seAEHz05VXuynjKElMlqgHndpv6nOsxjXf71jwybglU3tvAsoYw1yKfWb-PoEWw1j0Z5lgNLcCEorS2HbRsKItGFroFK9DOZ-X6vWXfKeTMDtWl4_WjVDroBpnLhP3i998ih3Qd612E_LzF99v2rwhHB5WatLJKHqzCLsCbnK71eHXe_yR5BIMjVmtxMjy70ZT_GPLlE-fvmTH_uLY7XGQ52riKGl_I09JAzFGrJHGnLNjDhQvZRR0r-zm9mfJaQpQH2D2qqrdxSbxwiEKuE-yywkQa7mMStMB0f7qPQU4Cz9jgWbVRnNIomMoj7GRh8OuXQ1zpZ8nyiHg97S_ilAdslhOTkErJZncZ4ZlwDMdO83-75UcssZNczAqQyCVec5qMdIfkeXVlVh2PbOlyqLUwwwQBvEMiRNCeV5kz7Rm7b6ov8ZvrTKFlALZn-fR6y7wuYP4uU4TnDlYPVo11czN8qH4PF-EiZ5USVR0N1gntfpRQusmEUGiJrgEZBbAUAfEBWD_G-5Vt2wzH-_2sq4Vuw84PLjbdepEksZ_fdUQlN29AAKEztkvzK0fLwy188lFebAVo-Hvi48bRHex-0Ta6GGVGRpaxaCcnGP_bKETPeImT2MpffTz1Tay6nEPnIQNW5RW0DvRzTZiNv27fDw07tI3AvyYsWLklDa0aQvuWt8xTz-fi0FoHb0e4nRTrmR4i2Es74JXR_cBq5KXvvPWXh56ocmVpjt14eB11WIJKc0NfZaoFe06xswJROpNLE7-mWPUnT-c8rvUMJ7T0t0_YAA9YOUD_qidCL28WvCeDnGmqVTSn2f3neCRqZ6D0u3Vtcuuwa_SkTeSMTG40ePyZvrptSvuneMknnT8uAhr7QXjqdP2pkuaNPID93uiWm08EHhrPQcmhnhpce2kI2sZ5NwYn-SD6myftO9KgcShcWPpyYH-RDeOjXmpFZmfkizWbmYBksGF7lHvwwJGTm8gRKtudhxNCrzW0mdytFy7skcV7jITdT884sFXKacstTyFasMFUtACijnAmDeYvgsmgc_LxqHWC1cAhmTKZ2u87bLAYtqjehNl3uoLg1q2iS6b2i21Ysm4fmYK5igLDlfAKzI2HfHdK7FMzxrMJY-fR_VUZ2sXFUDyiDd5zZZ2ttKtST3A_fVyqa5tOovwn1xETjH3oBU5xjXXAuY2g99EdyK08b9B4CPeO_xwmRJtkqmSztOCkuxS5aPNaBAhiOxBJ9zyp2eQhipNH4Dua_I1ypZBp1dzBAlA2dhSPUriWPy1KOyxpCqIKuqc5Mfp9OHv1CnC86d1oE4GZUO-uGdf02SY48KIDzRcMw24u-J7b2tqtHBtzTnhIfOBoJDS7XeU4wRny21AAh-GGvwte9w6sZN4K-uDz2iZJQ-mvp8x6tNsvFrbKeU4jrS2A4uwUFroeX6RB1sT9yYdkwqzjcMlzgtyvlGX9R1RNxu8ABN2ed4knaD1i0OFNF57lTNGSFJMED_VnPxQ-PvmStiPmjem6p8MWv5ptnWLAm5mzzHhdkXkVbTYoRcZg4dCHYQNvfFY3YYehqd67pleQCz62D8T65Rs-makazkYlR9lbAaHYHCIg2Da1CnxATYQ_drCORzd8YV1VI7_jPxWABwusu_d6Ln1STMihO05J4vbTY_8gb8wyvTUqpmTUWROcHr5emzRgCtfOqK-nu417H2TZoVVGMoVz-l9OhiZigOwZ6aGpeM2-_bd5mqjvXOaDYE2qVJS60sG2qqL6cpyS8hqaBXRXO8syW8lL2SzYPuL-6OXTWIBLaoFZw3sSiiJypkAiyl1npl1rNalvl7vOvaA9r3qUhD14oOHNwJtZCEBkHifwB34J6jqNJebptrFffHBu4nzonJB-cRyezeP6PJjkp8W6bE3OUpGHewdFUPFy50L6mEaOyxEmDJfPuq6Hkl-3JplzKjbHHyhr-Rp-Ex7lHT2L8-YbKyW4gn7U523cyioi208C0rhvwoubh3BtKBTLmlZMyJRQkUMVYHh1lUmzD4os9P1_feAylOdxMDxa0OO0shkvrrVFbIVJMemCCfuFpsBdQgaVYf0bBQa2VrclHYGZHNE5fbW7kprvUTgyjZM1mnlgrKs61XKfZ2dUMBVn5DRFp_OZLtqebfxQ2_qQREmYKYsD6IEBuy-yZdxIaBch1pUgYAmjkVKSQtOHBPtP132kt2Kx0sKAZ9ud_CzFWT_DYngrJ_0vqOzSZC3zvSBTLq4Tyu4dCOqlG10kODSy_X_lq2Qu1iUnypDyoGssiPdxW4_KxWcvzlhKU0g_uAN_V9DhPMwa9cxwy-GwWF6jHD1Ed5810m2l8X6McqlKbT7KLRav0uefk2jDuIUX28T70VW4qRT1sEWe7SA0j3V75kILS3flv9rmEvJw1whQww8o12T4EIYfimZg5A2HeIIoVrwI3V3QpJ3oONUKXQu542svLPBYao40AA_I4lz8mtiGbFj3ciuU8Z-JlzHaEg40WKUvZyzE-41m8BE-BU8y2W13eNcJjy83XJ0GOscxx2pf6hNzwYHS5kK8nJ47OYhum6yYf810sRPauzLFUJS8D_gO3uvdNH1znHTj3djwo-oki7BdYGpIimVWAriLtAc1sQtyoEqMo0Z91KKlEkW63CXwLBb1cLvskl1vjecx9MCMhLbwcFOze13TswDRb3_pTOnsEXOlyaFsZ4JC_9aS0d6NsqcEZgdg6G5i4y8PrKcFVMBTo5FhOXGzRYgB9TyMaRunZzN5sVhOaS1WDLPkC2-GnB8oXZ0ph1AM7t5c9OLswH0QHdIeOB13-wd1nG7oqbGEDBtmjUojLvx3hDNRSanu091mN2u_GePRfqliCeY9coHEXQQ058NEDoRqSaekuNmqztykJiVA4d8Gs6dMwiO8hJoV2a01-2s7Sm7lzXZA4oPFRDTmH9T9YxVSRj2tJOy87goXanozqVPUnRp2X2bhYMGsFWKcaqDTSY5D6s6E_ah53FifeciQeiG03yCsqDFpFFmFSnco_dAaTtW52Kmli9jlqhYJKDHHznlVn69htVJPzV9hBsdj24CzMknkrTZ_Fze2kNFmXn0qZRlBkjT1q1d4SL4ktokyUztLONELMCYBbrLY5YUM3j8ODfnSnQ9LdYxshfNzLN71r8fS4BKGbIRRDGiv_MXF7BBTHoxyqYajPm4utV0wvJGlQIBBJOAMgJpo3ywGHCnmk9gYUVsiyDOfA9ele17NUUjYb_P6gdWN88cuWCB9rsqoAc1OwhvT7gIPQXSg1PHOSvsiy9g7YKEjtQZeeOo4mVYebhGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013075760&ias_pubId=pub-1310852604335254&ias_chanId=1&ias_placementId=20268485269&bidurl=https://reurl.cc/gaOWLp&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g1t5kPMVtXb_bKgZBzGgeF&adsafe_url=https%3A%2F%2Freurl.cc&adsafe_type=y&adsafe_url=https%3A%2F%2Freurl.cc%2FgaOWLp&adsafe_type=e&adsafe_url=https%3A%2F%2F42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:5bf627fb-b17b-1649-df4f-8c5b32ed3ffe,c:wc6PrM,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74989cd8c9-lr9f9,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,fm:tXNLlHh+11%7C12%7C13%7C14*.1525516-72173819%7C141%7C15%7C16%7C17%7C1811%7C1812%7C182%7C191%7C192%7C1a,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:80,oid:a535af3d-955d-11ee-9557-261e33dec9b6,v:19.8.464,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 06:30:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
63341
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 06:30:53 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3CDD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9yQJx9sKxCC6hXaYMxIOib4c2pqejJD8N7keuRv8a2CdSNxSnAojc8em0aus6PWHHXRBFVep_VWeXVvqWFvVSsjTorl18rOBK73BdbHLF7jh-dAebXU4s58onTSsuRgO4o6a7325RwXf4JXm3OQKRQYYkNQ&sai=AMfl-YSAMgrUySbyawBH1x-yecOftjJeNjx-6qt34j8Ui83iSuZ2R4dvES5_jWrYMECYDeXI9_eOHwSG9qpA6mtx2hVBFJAoUM2xB6idL07ljYjqAlvctZhWbhZ4WfPTGQ&sig=Cg0ArKJSzKpeZEIZ7sbgEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20231206.02048&arae=0&ftch=1&adurl=
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525516/72173819/xbbe/creative/adj?p=APEucNVxb0Inxa-pdiAUZ3uI4Uslwmul_yp1zp8gP0BCIi2k274p0Ho&d=CokBAKAmf-AdcftcZmddB1x4WQ0VvZGDlV0Ax049KrCuwhgsUjDlnaBC0qFAID3DNXsoXy7kJqYVwOeGiKAyYskMwwM6Wdgyyw5aDkqCbIBuvJTkoTAdm1Swd9vOi-e3MD-AI_Xhk_JpiA2SOVt4Oy3Sq9SHpIGdYaeAKR4BaaY_SMDW35IZZIRdtHUSyRUAoCZ_4HMV7QBc1otR3C1HmCBWkh9ThUf6BsVZ-fZGs0pfsW4q8gUMg4y1PVUHor6PftKkXkMQuGD10m8s1rkH1sfavOWdCi4nHz4jqUOly0zasfyKS6aVqJk_OB-SmRQRpIQ7u5Kzmoi_T3mG78QKA24p0O6NRXEgRQY0nDiZO0J5A55Hc8ekSjjLEJg8eYbv2gkLmSi5IBGScIaoRrwccPg0FZpcg923UqzKtmPL4c_gx9l_D-tbq8Rd8EqXadFs2bCrvQbLDzBczgHU2l6McfPloUsMHddSzLAPLU5LAl-lAX6xNpxeqkKC1Y7RXAxNXD2cMDLw3kvuGNH18EZFpkdcw1uXww32PJmq-9RdepA_8_-4YUK00lY8QW7dgbjeaVNd_zc9nhRXe5xxr8kfAz3i7ZUmQICUAEixTGkA7j-dpxiZjef1gFoip8kjCsNNAMJMyPbD4p0GBrlo6kceP0rhVhuEvudZWDxGRw8seAEHz05VXuynjKElMlqgHndpv6nOsxjXf71jwybglU3tvAsoYw1yKfWb-PoEWw1j0Z5lgNLcCEorS2HbRsKItGFroFK9DOZ-X6vWXfKeTMDtWl4_WjVDroBpnLhP3i998ih3Qd612E_LzF99v2rwhHB5WatLJKHqzCLsCbnK71eHXe_yR5BIMjVmtxMjy70ZT_GPLlE-fvmTH_uLY7XGQ52riKGl_I09JAzFGrJHGnLNjDhQvZRR0r-zm9mfJaQpQH2D2qqrdxSbxwiEKuE-yywkQa7mMStMB0f7qPQU4Cz9jgWbVRnNIomMoj7GRh8OuXQ1zpZ8nyiHg97S_ilAdslhOTkErJZncZ4ZlwDMdO83-75UcssZNczAqQyCVec5qMdIfkeXVlVh2PbOlyqLUwwwQBvEMiRNCeV5kz7Rm7b6ov8ZvrTKFlALZn-fR6y7wuYP4uU4TnDlYPVo11czN8qH4PF-EiZ5USVR0N1gntfpRQusmEUGiJrgEZBbAUAfEBWD_G-5Vt2wzH-_2sq4Vuw84PLjbdepEksZ_fdUQlN29AAKEztkvzK0fLwy188lFebAVo-Hvi48bRHex-0Ta6GGVGRpaxaCcnGP_bKETPeImT2MpffTz1Tay6nEPnIQNW5RW0DvRzTZiNv27fDw07tI3AvyYsWLklDa0aQvuWt8xTz-fi0FoHb0e4nRTrmR4i2Es74JXR_cBq5KXvvPWXh56ocmVpjt14eB11WIJKc0NfZaoFe06xswJROpNLE7-mWPUnT-c8rvUMJ7T0t0_YAA9YOUD_qidCL28WvCeDnGmqVTSn2f3neCRqZ6D0u3Vtcuuwa_SkTeSMTG40ePyZvrptSvuneMknnT8uAhr7QXjqdP2pkuaNPID93uiWm08EHhrPQcmhnhpce2kI2sZ5NwYn-SD6myftO9KgcShcWPpyYH-RDeOjXmpFZmfkizWbmYBksGF7lHvwwJGTm8gRKtudhxNCrzW0mdytFy7skcV7jITdT884sFXKacstTyFasMFUtACijnAmDeYvgsmgc_LxqHWC1cAhmTKZ2u87bLAYtqjehNl3uoLg1q2iS6b2i21Ysm4fmYK5igLDlfAKzI2HfHdK7FMzxrMJY-fR_VUZ2sXFUDyiDd5zZZ2ttKtST3A_fVyqa5tOovwn1xETjH3oBU5xjXXAuY2g99EdyK08b9B4CPeO_xwmRJtkqmSztOCkuxS5aPNaBAhiOxBJ9zyp2eQhipNH4Dua_I1ypZBp1dzBAlA2dhSPUriWPy1KOyxpCqIKuqc5Mfp9OHv1CnC86d1oE4GZUO-uGdf02SY48KIDzRcMw24u-J7b2tqtHBtzTnhIfOBoJDS7XeU4wRny21AAh-GGvwte9w6sZN4K-uDz2iZJQ-mvp8x6tNsvFrbKeU4jrS2A4uwUFroeX6RB1sT9yYdkwqzjcMlzgtyvlGX9R1RNxu8ABN2ed4knaD1i0OFNF57lTNGSFJMED_VnPxQ-PvmStiPmjem6p8MWv5ptnWLAm5mzzHhdkXkVbTYoRcZg4dCHYQNvfFY3YYehqd67pleQCz62D8T65Rs-makazkYlR9lbAaHYHCIg2Da1CnxATYQ_drCORzd8YV1VI7_jPxWABwusu_d6Ln1STMihO05J4vbTY_8gb8wyvTUqpmTUWROcHr5emzRgCtfOqK-nu417H2TZoVVGMoVz-l9OhiZigOwZ6aGpeM2-_bd5mqjvXOaDYE2qVJS60sG2qqL6cpyS8hqaBXRXO8syW8lL2SzYPuL-6OXTWIBLaoFZw3sSiiJypkAiyl1npl1rNalvl7vOvaA9r3qUhD14oOHNwJtZCEBkHifwB34J6jqNJebptrFffHBu4nzonJB-cRyezeP6PJjkp8W6bE3OUpGHewdFUPFy50L6mEaOyxEmDJfPuq6Hkl-3JplzKjbHHyhr-Rp-Ex7lHT2L8-YbKyW4gn7U523cyioi208C0rhvwoubh3BtKBTLmlZMyJRQkUMVYHh1lUmzD4os9P1_feAylOdxMDxa0OO0shkvrrVFbIVJMemCCfuFpsBdQgaVYf0bBQa2VrclHYGZHNE5fbW7kprvUTgyjZM1mnlgrKs61XKfZ2dUMBVn5DRFp_OZLtqebfxQ2_qQREmYKYsD6IEBuy-yZdxIaBch1pUgYAmjkVKSQtOHBPtP132kt2Kx0sKAZ9ud_CzFWT_DYngrJ_0vqOzSZC3zvSBTLq4Tyu4dCOqlG10kODSy_X_lq2Qu1iUnypDyoGssiPdxW4_KxWcvzlhKU0g_uAN_V9DhPMwa9cxwy-GwWF6jHD1Ed5810m2l8X6McqlKbT7KLRav0uefk2jDuIUX28T70VW4qRT1sEWe7SA0j3V75kILS3flv9rmEvJw1whQww8o12T4EIYfimZg5A2HeIIoVrwI3V3QpJ3oONUKXQu542svLPBYao40AA_I4lz8mtiGbFj3ciuU8Z-JlzHaEg40WKUvZyzE-41m8BE-BU8y2W13eNcJjy83XJ0GOscxx2pf6hNzwYHS5kK8nJ47OYhum6yYf810sRPauzLFUJS8D_gO3uvdNH1znHTj3djwo-oki7BdYGpIimVWAriLtAc1sQtyoEqMo0Z91KKlEkW63CXwLBb1cLvskl1vjecx9MCMhLbwcFOze13TswDRb3_pTOnsEXOlyaFsZ4JC_9aS0d6NsqcEZgdg6G5i4y8PrKcFVMBTo5FhOXGzRYgB9TyMaRunZzN5sVhOaS1WDLPkC2-GnB8oXZ0ph1AM7t5c9OLswH0QHdIeOB13-wd1nG7oqbGEDBtmjUojLvx3hDNRSanu091mN2u_GePRfqliCeY9coHEXQQ058NEDoRqSaekuNmqztykJiVA4d8Gs6dMwiO8hJoV2a01-2s7Sm7lzXZA4oPFRDTmH9T9YxVSRj2tJOy87goXanozqVPUnRp2X2bhYMGsFWKcaqDTSY5D6s6E_ah53FifeciQeiG03yCsqDFpFFmFSnco_dAaTtW52Kmli9jlqhYJKDHHznlVn69htVJPzV9hBsdj24CzMknkrTZ_Fze2kNFmXn0qZRlBkjT1q1d4SL4ktokyUztLONELMCYBbrLY5YUM3j8ODfnSnQ9LdYxshfNzLN71r8fS4BKGbIRRDGiv_MXF7BBTHoxyqYajPm4utV0wvJGlQIBBJOAMgJpo3ywGHCnmk9gYUVsiyDOfA9ele17NUUjYb_P6gdWN88cuWCB9rsqoAc1OwhvT7gIPQXSg1PHOSvsiy9g7YKEjtQZeeOo4mVYebhGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013075760&ias_pubId=pub-1310852604335254&ias_chanId=1&ias_placementId=20268485269&bidurl=https://reurl.cc/gaOWLp&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g1t5kPMVtXb_bKgZBzGgeF&adsafe_url=https%3A%2F%2Freurl.cc&adsafe_type=y&adsafe_url=https%3A%2F%2Freurl.cc%2FgaOWLp&adsafe_type=e&adsafe_url=https%3A%2F%2F42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:5bf627fb-b17b-1649-df4f-8c5b32ed3ffe,c:wc6PrM,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74989cd8c9-lr9f9,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,fm:tXNLlHh+11%7C12%7C13%7C14*.1525516-72173819%7C141%7C15%7C16%7C17%7C1811%7C1812%7C182%7C191%7C192%7C1a,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:80,oid:a535af3d-955d-11ee-9557-261e33dec9b6,v:19.8.464,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ChqlwCF5yZZj7FLSrpt8Py-yqaM2U4Md0_uSU3qgSZBABINLMgRpgifPFhPQToAHOl6DzKcgBCakCUqzZJufuPT7gAgCoAwHIA8sEqgSwAk_QSTQU9RnjAbfb3RDZBYIqyEMCaA_hGL27sNStgJLws3Gh_gnlJBciPse0HO3YVDTwyVQysvmloEzwbXxnt0J4kWZR61bCXEYWBl_ks2H4vXkuui0QSe8qoPPrTaXPlKJIe20PhkDtzPRRqu6AjMEyUgXf66pBH5XOAb5uA1fv1jcFn8bBK-DQ4LIWT4FG0b0wXpw1WDDoWOVVRyOqOa4d-okItzDrDVbk-BBr8ITGo6-6V5SIyzYwgLG7f1oOsl_cthzEeX9eOhK6gGXXdTcVG67D8kGBL22h42GSSJ0yDoppMaoaQ-o8IocyhhPQcxAmk2_fKwO-XHcp0kSlP47BKPlOFLpY7j8P38d_peFRBroHb2R7HoJXko0gGK4-u2RHbz3EqNcWMSSv_m8o2LrABLH75t69BOAEAYgFwtLqhE2SBQQIBBgBkgUECAUYBKAGLoAHl5Ss0gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDuxQTSCB0IgGEQARgdMgKKAjoCgEBIvf3BOlimucnaxf6CA5oJWmh0dHBzOi8vd3d3Lm93bmRheXMuY29tL2pwL2phL3dlbGNvbWU_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1wbWF4JnV0bV9jYW1wYWlnbj1Ub2t5b4AKA8gLAZgMvKfI7MgEogwQKg4KDOS0sQLutbECtbixAtoMEAoKENC9-t_05MOAFBICAQPiDRMI3_XJ2sX-ggMVtJXpBR1LtgoNuBODBNgTDtAVAYAXAbIXHgocCAASFHB1Yi00MTI2NTU0Nzc5MzkzOTg2GOLMGQ&sigh=u4cZ0pOLP-I&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNftU_5GuavmKMeYa_4e6EsZ_4ByMO3HZjlIUMDgsy7Co9l0H7oj6TaqIv587T-i9THYJ-yUCgltvkLJOD0RhzDTvadYLneh_hJhgB&template_id=515&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 08 Dec 2023 00:06:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 47C7
Redirect Chain
  • https://securepubads.g.doubleclick.net/pagead/adview?ai=ChqlwCF5yZZj7FLSrpt8Py-yqaM2U4Md0_uSU3qgSZBABINLMgRpgifPFhPQToAHOl6DzKcgBCakCUqzZJufuPT7gAgCoAwHIA8sEqgSwAk_QSTQU9RnjAbfb3RDZBYIqyEMCaA_hGL27...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f9ed04407bb7890000000000000000%22,%222%22:%220xa49d184aecb3f81f0000000000000000%22,%223%22:%220x3c6e816...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f9ed04407bb7890000000000000000%22,%222%22:%220xa49d184aecb3f81f0000000000000000%22,%223%22:%220x3c6e816b7ea6c3e20000000000000000%22,%224%22:%220x368edd365a57808b0000000000000000%22,%225%22:%220xe86d43ee1b09863f0000000000000000%22},%22debug_key%22:%229439117998902271022%22,%22debug_reporting%22:true,%22destination%22:%22https://owndays.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211247553486%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216154936020958334465%22}&andc=true
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:35 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x9f9ed04407bb7890000000000000000","2":"0xa49d184aecb3f81f0000000000000000","3":"0x3c6e816b7ea6c3e20000000000000000","4":"0x368edd365a57808b0000000000000000","5":"0xe86d43ee1b09863f0000000000000000"},"debug_key":"9439117998902271022","debug_reporting":true,"destination":"https://owndays.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11247553486"],"4":["12-08"],"6":["true"]},"priority":"500","source_event_id":"16154936020958334465"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
null
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 08 Dec 2023 00:06:35 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 08 Dec 2023 00:06:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9f9ed04407bb7890000000000000000","2":"0xa49d184aecb3f81f0000000000000000","3":"0x3c6e816b7ea6c3e20000000000000000","4":"0x368edd365a57808b0000000000000000","5":"0xe86d43ee1b09863f0000000000000000"},"debug_key":"9439117998902271022","debug_reporting":true,"destination":"https://owndays.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11247553486"],"4":["12-08"],"6":["true"]},"priority":"500","source_event_id":"16154936020958334465"}&andc=true
access-control-allow-origin
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
emome2
t.ssp.hinet.net/ Frame 050A 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=d3c85ad0-b1e8-4080-87aa-620fb87a02c1
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:34 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
pagead2.googlesyndication.com/bg/ Frame 2869 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
sffe /
Resource Hash
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 06:21:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
63911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19719
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 06:21:24 GMT
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame AA4F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 13:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
38977
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 13:16:58 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f9ed04407bb7890000000000000000%22,%222%22:%220xa49d184aecb3f81f0000000000000000%22,%223%22:%220x3c6e816b7ea6c3e20000000000000000%22,%224%22:%220x368edd365a57808b0000000000000000%22,%225%22:%220xe86d43ee1b09863f0000000000000000%22},%22debug_key%22:%229439117998902271022%22,%22debug_reporting%22:true,%22destination%22:%22https://owndays.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211247553486%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2216154936020958334465%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 08 Dec 2023 00:06:35 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
4249
ads.everesttech.net/ads/mts/24650/ Frame 3CDD 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.everesttech.net/ads/mts/24650/4249?DFA_Click_Tracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuHGxq2oUM45kaLbNQyJYs8nZ5l5hCE-25KOo7AHc97uWV0ZNu_bXDcibtWUUV-E9pBXK4WW1hmKaGLi3wENrwdv-HTNEJD-vEwcDLkFvgJsG3FgJ6vw36xBoN3OTZIy1ZuingUAhaLe8XRIs-tmAgK8_GRUc4LVyM-25X98sBjQ7Oh1vAogwBJl4KG5PYOYC8_Gd8slHMP2Wsis3dz5UrVWQuk3S5lrh5Scz_q3cproywWNQraPaIH0-8rQBaoqA9uQ2YEdG5YbKDBHfuMCcfIRXT1Qs2tgztXNpYmLXuqYXvGTOhFXjy8Lt7AtoVcpCmPmMEahANGFOAnPjiu8J25e-P4TLt4Iel8ZWZjFu7I1WDHBJxmxNgjLC2kWDpeQ3kTDKRUNNvJ2csktvuGpowUQloIPBLNxF5FKbvdrQaBc2nqcg9rA-btm6bXRfUU99O4FdvdqwYrw5Nt3TdUuld3oC8v7JQ1m3eLvCHrXUTzv2QYqdLxnELffaX8vZdSCil1BnDxJudssFHhS1f3nXHlyENufTxQ-SGkqXivDOvKekJ1shHyngmu3UMWCBpub5XF0LWpTd67MdPIxhU9SJ28WpjLfF0EwbUA5pTnI3d6Y8kSp4lerDMy9vvNO6XwTdJgK1vKF4__lIWyiPVZ2wLSeDPq5-dqo_ottZo0LENbciNcifvaOsTHXIrFBYFeKeDfCNU_vrf1b6JPKCW778fSwTV0CuUeMTnMNJM4rV3WrRPB_FWZh6zLtF1VaSPQqdgp6tCGQ1ylwaT-vIjMsYQUcZkAaaPzOEuVRYXmlkFkbveFyraVZjq2INLj8olm0KPNf0Bun-2dr4AtL-nTi8DJDgwfN592FfyYYoQnf7l3IMGgNd9gLlII0QEmOqsorQYgQrYiMK4LzlZwUHxwbu8oiJ2_v5b5_676ejJzqlQQxUYRrS1yjpmb9P2RHIxEctKzHnXmE1M9pmACBxk5lQL54HpljL1QxzCRHw_4ZasSBEam-33lamhOe91XQMUVMs_soZV3Fxkb6zxcMqSjAsEUgcATJVgtVzN2-Eux-6sB6xbE6Qh76MhsmbG3gJkqPqLpMcSHID3V7Z6jtJ2VsYFSkNLoRjzfoZlQCMoGivIxd_rIO_jXbCaXI9A-NVe6fAQ9JBwZFKqDW9wM25CrVvmkVjDkCpeUJinsrDLOT7gvz-IV9pXmCdILlsQScEiaTV_aFvIQa69H18cMACz9AD-EXlt2WWgYNVcgy5pAo7Wnl4Ko4Pl8sOvK7JrMTYqp3v6-m4NBRpRkvwmi3dmSyM8t3kDpdesp6-hz60X-6kHqWLI_HLlXLUqhpJU2XordViT86FoEVrz249_3LYonpWEoEF3VgaCl9Wc29TLjI-EgQ4OtQIuKWwxf1BWa4xQ%26sai%3DAMfl-YRQO8b2VL7FBFqqfklTlst0acigjE7d9rFYT_ffgtKA1HidSWKs2cTMKJGNzDn2_1qqLp5R8YxO4DpL3IWIyfOFvpZEn98ffu3jxKsSE1eNa2n1vJuvDn0xmATg9x12b-NH6q4huh6VAXx_w9xLKL8_3aPLHVab0LqZULU3MUJ5deroNVH8E3JF1AuXotitv2lFV0NzVKkfChOdtJ47Lz4PZExNBWpeVkbM8k99PZq4P-o0YIwOaIei733WcuXkMyHvZs_8_tGwu7Js1jyN9Lknj10f8Ku7AO6Lnn-leYOEiFLO4bE%26sig%3DCg0ArKJSzA1un5ihX7OTEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&DFA_BuyId=30056896&DFA_PlacementId=369312118&DFA_AdId=560370865&DFA_CreativeId=168169384&DFA_SiteId=6958819&TC_1=cmmiil1qng4&TC_2=30056896&TC_3=369312118&TC_4=168169384&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30056896$dcmadid|560370865$dcmrenderingid|168255087$dcmsiteid|6958819$dcmplacementid|369312118$customer|Microsoft$dv360auctionid|ct=JP&st=&city=8683&dma=0&zp=&bw=4&DCM_PlacementID=369312118&edge=y&html5=y&nr=0.24834070888911586
Requested by
Host: ads.everesttech.net
URL: https://ads.everesttech.net/ads/mts/24650/4249?DFA_Click_Tracker=^(t_cq_ue_https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsuHGxq2oUM45kaLbNQyJYs8nZ5l5hCE-25KOo7AHc97uWV0ZNu_bXDcibtWUUV-E9pBXK4WW1hmKaGLi3wENrwdv-HTNEJD-vEwcDLkFvgJsG3FgJ6vw36xBoN3OTZIy1ZuingUAhaLe8XRIs-tmAgK8_GRUc4LVyM-25X98sBjQ7Oh1vAogwBJl4KG5PYOYC8_Gd8slHMP2Wsis3dz5UrVWQuk3S5lrh5Scz_q3cproywWNQraPaIH0-8rQBaoqA9uQ2YEdG5YbKDBHfuMCcfIRXT1Qs2tgztXNpYmLXuqYXvGTOhFXjy8Lt7AtoVcpCmPmMEahANGFOAnPjiu8J25e-P4TLt4Iel8ZWZjFu7I1WDHBJxmxNgjLC2kWDpeQ3kTDKRUNNvJ2csktvuGpowUQloIPBLNxF5FKbvdrQaBc2nqcg9rA-btm6bXRfUU99O4FdvdqwYrw5Nt3TdUuld3oC8v7JQ1m3eLvCHrXUTzv2QYqdLxnELffaX8vZdSCil1BnDxJudssFHhS1f3nXHlyENufTxQ-SGkqXivDOvKekJ1shHyngmu3UMWCBpub5XF0LWpTd67MdPIxhU9SJ28WpjLfF0EwbUA5pTnI3d6Y8kSp4lerDMy9vvNO6XwTdJgK1vKF4__lIWyiPVZ2wLSeDPq5-dqo_ottZo0LENbciNcifvaOsTHXIrFBYFeKeDfCNU_vrf1b6JPKCW778fSwTV0CuUeMTnMNJM4rV3WrRPB_FWZh6zLtF1VaSPQqdgp6tCGQ1ylwaT-vIjMsYQUcZkAaaPzOEuVRYXmlkFkbveFyraVZjq2INLj8olm0KPNf0Bun-2dr4AtL-nTi8DJDgwfN592FfyYYoQnf7l3IMGgNd9gLlII0QEmOqsorQYgQrYiMK4LzlZwUHxwbu8oiJ2_v5b5_676ejJzqlQQxUYRrS1yjpmb9P2RHIxEctKzHnXmE1M9pmACBxk5lQL54HpljL1QxzCRHw_4ZasSBEam-33lamhOe91XQMUVMs_soZV3Fxkb6zxcMqSjAsEUgcATJVgtVzN2-Eux-6sB6xbE6Qh76MhsmbG3gJkqPqLpMcSHID3V7Z6jtJ2VsYFSkNLoRjzfoZlQCMoGivIxd_rIO_jXbCaXI9A-NVe6fAQ9JBwZFKqDW9wM25CrVvmkVjDkCpeUJinsrDLOT7gvz-IV9pXmCdILlsQScEiaTV_aFvIQa69H18cMACz9AD-EXlt2WWgYNVcgy5pAo7Wnl4Ko4Pl8sOvK7JrMTYqp3v6-m4NBRpRkvwmi3dmSyM8t3kDpdesp6-hz60X-6kHqWLI_HLlXLUqhpJU2XordViT86FoEVrz249_3LYonpWEoEF3VgaCl9Wc29TLjI-EgQ4OtQIuKWwxf1BWa4xQ&sai=AMfl-YRQO8b2VL7FBFqqfklTlst0acigjE7d9rFYT_ffgtKA1HidSWKs2cTMKJGNzDn2_1qqLp5R8YxO4DpL3IWIyfOFvpZEn98ffu3jxKsSE1eNa2n1vJuvDn0xmATg9x12b-NH6q4huh6VAXx_w9xLKL8_3aPLHVab0LqZULU3MUJ5deroNVH8E3JF1AuXotitv2lFV0NzVKkfChOdtJ47Lz4PZExNBWpeVkbM8k99PZq4P-o0YIwOaIei733WcuXkMyHvZs_8_tGwu7Js1jyN9Lknj10f8Ku7AO6Lnn-leYOEiFLO4bE&sig=Cg0ArKJSzA1un5ihX7OTEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=_ue_cq)&DFA_BuyId=30056896&DFA_PlacementId=369312118&DFA_AdId=560370865&DFA_CreativeId=168169384&DFA_SiteId=6958819&TC_1=cmmiil1qng4&TC_2=30056896&TC_3=369312118&TC_4=168169384&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30056896$dcmadid|560370865$dcmrenderingid|168255087$dcmsiteid|6958819$dcmplacementid|369312118$customer|Microsoft$dv360auctionid|ct=JP&st=&city=8683&dma=0&zp=&bw=4&DCM_PlacementID=369312118
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.61.47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-61-47.us-west-2.compute.amazonaws.com
Software
AMO-jAds/1.1 /
Resource Hash
5bfe37a568c142cdb19b871816715cf8874b25e488947f6534602d8c64359499

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-type
text/javascript;charset=utf-8
pragma
no-cache
date
Fri, 08 Dec 2023 00:06:35 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
server
AMO-jAds/1.1
expires
Fri Dec 08 00:06:35 UTC 2023
dt
dt.adsafeprotected.com/ Frame 3CDD 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525516&asId=5bf627fb-b17b-1649-df4f-8c5b32ed3ffe&tv=%7Bc:wc6PHS,pingTime:-10,time:1077,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNTQwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS42MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701993995388%7C%7C39ae78c5a64a978087cb424a4adfd951%7C%7Ceb9c792939e9f4e1297dd3ce19e62cf5%7C%7C83161609b68b238b395ccd712b5cbbea%7C%7C610fd3bc92bf179db1a5668d63fa4de8%7C%7Cd28c67a6e856d5708ea191df5e6aa3a5%7C%7C174c466fa28c9ca3aedf2daa0f30929b%7C%7Cfbafd177886c26a6766e4cbdd3460096%7C%7C1663701684%7D
Requested by
Host: 42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
URL: https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.233.91.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-233-91-192.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:35 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
cm
t.ssp.hinet.net/ Frame 050A 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=undefined&mp=d3c85ad0-b1e8-4080-87aa-620fb87a02c1
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:35 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
d3c85ad0-b1e8-4080-87aa-620fb87a02c1.t.ssp.hinet.net/ Frame 050A 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3c85ad0-b1e8-4080-87aa-620fb87a02c1.t.ssp.hinet.net/pixel?bd=d3c85ad0-b1e8-4080-87aa-620fb87a02c1&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:35 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
html5-ad-script_v4.html
dco-assets.everestads.net/ics-campaign/static/dco/ Frame A9AA 		16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZXJeCwAABJp7PUEz
Requested by
Host: ads.everesttech.net
URL: https://ads.everesttech.net/ads/mts/24650/4249?DFA_Click_Tracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuHGxq2oUM45kaLbNQyJYs8nZ5l5hCE-25KOo7AHc97uWV0ZNu_bXDcibtWUUV-E9pBXK4WW1hmKaGLi3wENrwdv-HTNEJD-vEwcDLkFvgJsG3FgJ6vw36xBoN3OTZIy1ZuingUAhaLe8XRIs-tmAgK8_GRUc4LVyM-25X98sBjQ7Oh1vAogwBJl4KG5PYOYC8_Gd8slHMP2Wsis3dz5UrVWQuk3S5lrh5Scz_q3cproywWNQraPaIH0-8rQBaoqA9uQ2YEdG5YbKDBHfuMCcfIRXT1Qs2tgztXNpYmLXuqYXvGTOhFXjy8Lt7AtoVcpCmPmMEahANGFOAnPjiu8J25e-P4TLt4Iel8ZWZjFu7I1WDHBJxmxNgjLC2kWDpeQ3kTDKRUNNvJ2csktvuGpowUQloIPBLNxF5FKbvdrQaBc2nqcg9rA-btm6bXRfUU99O4FdvdqwYrw5Nt3TdUuld3oC8v7JQ1m3eLvCHrXUTzv2QYqdLxnELffaX8vZdSCil1BnDxJudssFHhS1f3nXHlyENufTxQ-SGkqXivDOvKekJ1shHyngmu3UMWCBpub5XF0LWpTd67MdPIxhU9SJ28WpjLfF0EwbUA5pTnI3d6Y8kSp4lerDMy9vvNO6XwTdJgK1vKF4__lIWyiPVZ2wLSeDPq5-dqo_ottZo0LENbciNcifvaOsTHXIrFBYFeKeDfCNU_vrf1b6JPKCW778fSwTV0CuUeMTnMNJM4rV3WrRPB_FWZh6zLtF1VaSPQqdgp6tCGQ1ylwaT-vIjMsYQUcZkAaaPzOEuVRYXmlkFkbveFyraVZjq2INLj8olm0KPNf0Bun-2dr4AtL-nTi8DJDgwfN592FfyYYoQnf7l3IMGgNd9gLlII0QEmOqsorQYgQrYiMK4LzlZwUHxwbu8oiJ2_v5b5_676ejJzqlQQxUYRrS1yjpmb9P2RHIxEctKzHnXmE1M9pmACBxk5lQL54HpljL1QxzCRHw_4ZasSBEam-33lamhOe91XQMUVMs_soZV3Fxkb6zxcMqSjAsEUgcATJVgtVzN2-Eux-6sB6xbE6Qh76MhsmbG3gJkqPqLpMcSHID3V7Z6jtJ2VsYFSkNLoRjzfoZlQCMoGivIxd_rIO_jXbCaXI9A-NVe6fAQ9JBwZFKqDW9wM25CrVvmkVjDkCpeUJinsrDLOT7gvz-IV9pXmCdILlsQScEiaTV_aFvIQa69H18cMACz9AD-EXlt2WWgYNVcgy5pAo7Wnl4Ko4Pl8sOvK7JrMTYqp3v6-m4NBRpRkvwmi3dmSyM8t3kDpdesp6-hz60X-6kHqWLI_HLlXLUqhpJU2XordViT86FoEVrz249_3LYonpWEoEF3VgaCl9Wc29TLjI-EgQ4OtQIuKWwxf1BWa4xQ%26sai%3DAMfl-YRQO8b2VL7FBFqqfklTlst0acigjE7d9rFYT_ffgtKA1HidSWKs2cTMKJGNzDn2_1qqLp5R8YxO4DpL3IWIyfOFvpZEn98ffu3jxKsSE1eNa2n1vJuvDn0xmATg9x12b-NH6q4huh6VAXx_w9xLKL8_3aPLHVab0LqZULU3MUJ5deroNVH8E3JF1AuXotitv2lFV0NzVKkfChOdtJ47Lz4PZExNBWpeVkbM8k99PZq4P-o0YIwOaIei733WcuXkMyHvZs_8_tGwu7Js1jyN9Lknj10f8Ku7AO6Lnn-leYOEiFLO4bE%26sig%3DCg0ArKJSzA1un5ihX7OTEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&DFA_BuyId=30056896&DFA_PlacementId=369312118&DFA_AdId=560370865&DFA_CreativeId=168169384&DFA_SiteId=6958819&TC_1=cmmiil1qng4&TC_2=30056896&TC_3=369312118&TC_4=168169384&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30056896$dcmadid|560370865$dcmrenderingid|168255087$dcmsiteid|6958819$dcmplacementid|369312118$customer|Microsoft$dv360auctionid|ct=JP&st=&city=8683&dma=0&zp=&bw=4&DCM_PlacementID=369312118&edge=y&html5=y&nr=0.24834070888911586
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.100.19 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-100-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf

Request headers

Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
ja-JP

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3934
Content-Type
text/html; charset=UTF-8
Date
Fri, 08 Dec 2023 00:06:35 GMT
ETag
"150315370-3fce-5e32201ac1000"
Expires
Fri, 08 Dec 2023 01:06:35 GMT
Last-Modified
Wed, 06 Jul 2022 12:21:20 GMT
Server
Apache
Vary
Accept-Encoding
X-Permitted-Cross-Domain-Policies
all
truncated
/ Frame 3CDD 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
18c1290ed22e75df938f60831d47506fc214b7d6674772e82f0b5b6f28ead5c9

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/png
mraid.js
dco-assets.everestads.net/ics-campaign/static/dco/ Frame A9AA 		0
390 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dco-assets.everestads.net/ics-campaign/static/dco/mraid.js
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZXJeCwAABJp7PUEz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.100.19 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-100-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZXJeCwAABJp7PUEz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:06:35 GMT
Last-Modified
Wed, 06 Jul 2022 12:21:20 GMT
Server
Apache
X-Permitted-Cross-Domain-Policies
all
ETag
"150315371-0-5e32201ac1000"
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
Expires
Fri, 08 Dec 2023 01:06:35 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 3CDD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst9yQJx9sKxCC6hXaYMxIOib4c2pqejJD8N7keuRv8a2CdSNxSnAojc8em0aus6PWHHXRBFVep_VWeXVvqWFvVSsjTorl18rOBK73BdbHLF7jh-dAebXU4s58onTSsuRgO4o6a7325RwXf4JXm3OQKRQYYkNQ&sai=AMfl-YSAMgrUySbyawBH1x-yecOftjJeNjx-6qt34j8Ui83iSuZ2R4dvES5_jWrYMECYDeXI9_eOHwSG9qpA6mtx2hVBFJAoUM2xB6idL07ljYjqAlvctZhWbhZ4WfPTGQ&sig=Cg0ArKJSzKpeZEIZ7sbgEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=638&vt=11&dtpt=636&dett=4&cstd=0&cisv=r20231206.02048&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525516/72173819/xbbe/creative/adj?p=APEucNVxb0Inxa-pdiAUZ3uI4Uslwmul_yp1zp8gP0BCIi2k274p0Ho&d=CokBAKAmf-AdcftcZmddB1x4WQ0VvZGDlV0Ax049KrCuwhgsUjDlnaBC0qFAID3DNXsoXy7kJqYVwOeGiKAyYskMwwM6Wdgyyw5aDkqCbIBuvJTkoTAdm1Swd9vOi-e3MD-AI_Xhk_JpiA2SOVt4Oy3Sq9SHpIGdYaeAKR4BaaY_SMDW35IZZIRdtHUSyRUAoCZ_4HMV7QBc1otR3C1HmCBWkh9ThUf6BsVZ-fZGs0pfsW4q8gUMg4y1PVUHor6PftKkXkMQuGD10m8s1rkH1sfavOWdCi4nHz4jqUOly0zasfyKS6aVqJk_OB-SmRQRpIQ7u5Kzmoi_T3mG78QKA24p0O6NRXEgRQY0nDiZO0J5A55Hc8ekSjjLEJg8eYbv2gkLmSi5IBGScIaoRrwccPg0FZpcg923UqzKtmPL4c_gx9l_D-tbq8Rd8EqXadFs2bCrvQbLDzBczgHU2l6McfPloUsMHddSzLAPLU5LAl-lAX6xNpxeqkKC1Y7RXAxNXD2cMDLw3kvuGNH18EZFpkdcw1uXww32PJmq-9RdepA_8_-4YUK00lY8QW7dgbjeaVNd_zc9nhRXe5xxr8kfAz3i7ZUmQICUAEixTGkA7j-dpxiZjef1gFoip8kjCsNNAMJMyPbD4p0GBrlo6kceP0rhVhuEvudZWDxGRw8seAEHz05VXuynjKElMlqgHndpv6nOsxjXf71jwybglU3tvAsoYw1yKfWb-PoEWw1j0Z5lgNLcCEorS2HbRsKItGFroFK9DOZ-X6vWXfKeTMDtWl4_WjVDroBpnLhP3i998ih3Qd612E_LzF99v2rwhHB5WatLJKHqzCLsCbnK71eHXe_yR5BIMjVmtxMjy70ZT_GPLlE-fvmTH_uLY7XGQ52riKGl_I09JAzFGrJHGnLNjDhQvZRR0r-zm9mfJaQpQH2D2qqrdxSbxwiEKuE-yywkQa7mMStMB0f7qPQU4Cz9jgWbVRnNIomMoj7GRh8OuXQ1zpZ8nyiHg97S_ilAdslhOTkErJZncZ4ZlwDMdO83-75UcssZNczAqQyCVec5qMdIfkeXVlVh2PbOlyqLUwwwQBvEMiRNCeV5kz7Rm7b6ov8ZvrTKFlALZn-fR6y7wuYP4uU4TnDlYPVo11czN8qH4PF-EiZ5USVR0N1gntfpRQusmEUGiJrgEZBbAUAfEBWD_G-5Vt2wzH-_2sq4Vuw84PLjbdepEksZ_fdUQlN29AAKEztkvzK0fLwy188lFebAVo-Hvi48bRHex-0Ta6GGVGRpaxaCcnGP_bKETPeImT2MpffTz1Tay6nEPnIQNW5RW0DvRzTZiNv27fDw07tI3AvyYsWLklDa0aQvuWt8xTz-fi0FoHb0e4nRTrmR4i2Es74JXR_cBq5KXvvPWXh56ocmVpjt14eB11WIJKc0NfZaoFe06xswJROpNLE7-mWPUnT-c8rvUMJ7T0t0_YAA9YOUD_qidCL28WvCeDnGmqVTSn2f3neCRqZ6D0u3Vtcuuwa_SkTeSMTG40ePyZvrptSvuneMknnT8uAhr7QXjqdP2pkuaNPID93uiWm08EHhrPQcmhnhpce2kI2sZ5NwYn-SD6myftO9KgcShcWPpyYH-RDeOjXmpFZmfkizWbmYBksGF7lHvwwJGTm8gRKtudhxNCrzW0mdytFy7skcV7jITdT884sFXKacstTyFasMFUtACijnAmDeYvgsmgc_LxqHWC1cAhmTKZ2u87bLAYtqjehNl3uoLg1q2iS6b2i21Ysm4fmYK5igLDlfAKzI2HfHdK7FMzxrMJY-fR_VUZ2sXFUDyiDd5zZZ2ttKtST3A_fVyqa5tOovwn1xETjH3oBU5xjXXAuY2g99EdyK08b9B4CPeO_xwmRJtkqmSztOCkuxS5aPNaBAhiOxBJ9zyp2eQhipNH4Dua_I1ypZBp1dzBAlA2dhSPUriWPy1KOyxpCqIKuqc5Mfp9OHv1CnC86d1oE4GZUO-uGdf02SY48KIDzRcMw24u-J7b2tqtHBtzTnhIfOBoJDS7XeU4wRny21AAh-GGvwte9w6sZN4K-uDz2iZJQ-mvp8x6tNsvFrbKeU4jrS2A4uwUFroeX6RB1sT9yYdkwqzjcMlzgtyvlGX9R1RNxu8ABN2ed4knaD1i0OFNF57lTNGSFJMED_VnPxQ-PvmStiPmjem6p8MWv5ptnWLAm5mzzHhdkXkVbTYoRcZg4dCHYQNvfFY3YYehqd67pleQCz62D8T65Rs-makazkYlR9lbAaHYHCIg2Da1CnxATYQ_drCORzd8YV1VI7_jPxWABwusu_d6Ln1STMihO05J4vbTY_8gb8wyvTUqpmTUWROcHr5emzRgCtfOqK-nu417H2TZoVVGMoVz-l9OhiZigOwZ6aGpeM2-_bd5mqjvXOaDYE2qVJS60sG2qqL6cpyS8hqaBXRXO8syW8lL2SzYPuL-6OXTWIBLaoFZw3sSiiJypkAiyl1npl1rNalvl7vOvaA9r3qUhD14oOHNwJtZCEBkHifwB34J6jqNJebptrFffHBu4nzonJB-cRyezeP6PJjkp8W6bE3OUpGHewdFUPFy50L6mEaOyxEmDJfPuq6Hkl-3JplzKjbHHyhr-Rp-Ex7lHT2L8-YbKyW4gn7U523cyioi208C0rhvwoubh3BtKBTLmlZMyJRQkUMVYHh1lUmzD4os9P1_feAylOdxMDxa0OO0shkvrrVFbIVJMemCCfuFpsBdQgaVYf0bBQa2VrclHYGZHNE5fbW7kprvUTgyjZM1mnlgrKs61XKfZ2dUMBVn5DRFp_OZLtqebfxQ2_qQREmYKYsD6IEBuy-yZdxIaBch1pUgYAmjkVKSQtOHBPtP132kt2Kx0sKAZ9ud_CzFWT_DYngrJ_0vqOzSZC3zvSBTLq4Tyu4dCOqlG10kODSy_X_lq2Qu1iUnypDyoGssiPdxW4_KxWcvzlhKU0g_uAN_V9DhPMwa9cxwy-GwWF6jHD1Ed5810m2l8X6McqlKbT7KLRav0uefk2jDuIUX28T70VW4qRT1sEWe7SA0j3V75kILS3flv9rmEvJw1whQww8o12T4EIYfimZg5A2HeIIoVrwI3V3QpJ3oONUKXQu542svLPBYao40AA_I4lz8mtiGbFj3ciuU8Z-JlzHaEg40WKUvZyzE-41m8BE-BU8y2W13eNcJjy83XJ0GOscxx2pf6hNzwYHS5kK8nJ47OYhum6yYf810sRPauzLFUJS8D_gO3uvdNH1znHTj3djwo-oki7BdYGpIimVWAriLtAc1sQtyoEqMo0Z91KKlEkW63CXwLBb1cLvskl1vjecx9MCMhLbwcFOze13TswDRb3_pTOnsEXOlyaFsZ4JC_9aS0d6NsqcEZgdg6G5i4y8PrKcFVMBTo5FhOXGzRYgB9TyMaRunZzN5sVhOaS1WDLPkC2-GnB8oXZ0ph1AM7t5c9OLswH0QHdIeOB13-wd1nG7oqbGEDBtmjUojLvx3hDNRSanu091mN2u_GePRfqliCeY9coHEXQQ058NEDoRqSaekuNmqztykJiVA4d8Gs6dMwiO8hJoV2a01-2s7Sm7lzXZA4oPFRDTmH9T9YxVSRj2tJOy87goXanozqVPUnRp2X2bhYMGsFWKcaqDTSY5D6s6E_ah53FifeciQeiG03yCsqDFpFFmFSnco_dAaTtW52Kmli9jlqhYJKDHHznlVn69htVJPzV9hBsdj24CzMknkrTZ_Fze2kNFmXn0qZRlBkjT1q1d4SL4ktokyUztLONELMCYBbrLY5YUM3j8ODfnSnQ9LdYxshfNzLN71r8fS4BKGbIRRDGiv_MXF7BBTHoxyqYajPm4utV0wvJGlQIBBJOAMgJpo3ywGHCnmk9gYUVsiyDOfA9ele17NUUjYb_P6gdWN88cuWCB9rsqoAc1OwhvT7gIPQXSg1PHOSvsiy9g7YKEjtQZeeOo4mVYebhGAFgAQ&cry=1&bundleId=&ias_dspID=3&ias_campId=1013075760&ias_pubId=pub-1310852604335254&ias_chanId=1&ias_placementId=20268485269&bidurl=https://reurl.cc/gaOWLp&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0g1t5kPMVtXb_bKgZBzGgeF&adsafe_url=https%3A%2F%2Freurl.cc&adsafe_type=y&adsafe_url=https%3A%2F%2Freurl.cc%2FgaOWLp&adsafe_type=e&adsafe_url=https%3A%2F%2F42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:5bf627fb-b17b-1649-df4f-8c5b32ed3ffe,c:wc6PrM,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-74989cd8c9-lr9f9,rg:jp,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:6,mot:0,app:0,maw:0,fm:tXNLlHh+11%7C12%7C13%7C14*.1525516-72173819%7C141%7C15%7C16%7C17%7C1811%7C1812%7C182%7C191%7C192%7C1a,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:80,oid:a535af3d-955d-11ee-9557-261e33dec9b6,v:19.8.464,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
300x250.html
dco-assets.everestads.net/ics-campaign//5031/t/8979/13/ Frame 8BA6 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZXJeCwAABJp7PUEz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.100.19 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-100-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
841c6bbbb5de52a2907e9b2a232a8a2fbe5043d8b770cf6ba57edeca063857a2

Request headers

Referer
https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZXJeCwAABJp7PUEz
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
ja-JP

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Length
3810
Content-Type
text/html; charset=UTF-8
Date
Fri, 08 Dec 2023 00:06:35 GMT
ETag
"1a95254f9-370d-60561f5f98140"
Expires
Fri, 08 Dec 2023 01:06:35 GMT
Last-Modified
Fri, 15 Sep 2023 08:55:57 GMT
Server
Apache
Vary
Accept-Encoding
X-Permitted-Cross-Domain-Policies
all
style.min.css
dco-assets.everestads.net/ics-campaign//5031/t/8979/13/css/ Frame 8BA6 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/css/style.min.css
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.100.19 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-100-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2bd128170f24b963f67f17e2a1312ae8371c44c3ecad64cedde585555f4d55ef

Request headers

accept-language
ja-JP
Referer
https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:06:35 GMT
Last-Modified
Fri, 15 Sep 2023 08:55:57 GMT
Server
Apache
X-Permitted-Cross-Domain-Policies
all
ETag
"1a90bd26a-11d1-60561f5f98140"
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4561
Expires
Fri, 08 Dec 2023 01:06:35 GMT
AMOLibrary.js
ads.everesttech.net/ads/static/local/ Frame 8BA6 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.everesttech.net/ads/static/local/AMOLibrary.js
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.61.47 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-61-47.us-west-2.compute.amazonaws.com
Software
AMO-jAds/1.1 /
Resource Hash
e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e

Request headers

accept-language
ja-JP
Referer
https://dco-assets.everestads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
cache
date
Fri, 08 Dec 2023 00:06:35 GMT
last-modified
Wed, 22 Dec 2021 09:29:42 GMT
server
AMO-jAds/1.1
etag
W/"5582-1640165382000"
content-type
application/javascript
cache-control
cache,store,max-age=86400
accept-ranges
bytes
content-length
5582
gsap.min.js
cdn.jsdelivr.net/npm/gsap@3.0.1/dist/ Frame 8BA6 		54 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/gsap@3.0.1/dist/gsap.min.js
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://dco-assets.everestads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 00:06:35 GMT
x-content-type-options
nosniff
content-encoding
br
age
2642236
x-jsd-version
3.0.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
23008
x-served-by
cache-fra-eddf8230095-FRA, cache-nrt-rjtf7700044-NRT
x-jsd-version-type
version
etag
W/"d8fc-fe8VvabeDqL+WzK+waTDAMtuAsE"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
script.min.js
dco-assets.everestads.net/ics-campaign//5031/t/8979/13/js/ Frame 8BA6 		7 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/js/script.min.js
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.100.19 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-100-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6ed03c02eec456fe89e228d6cdf45bf7088aa9402beaab5a2a1214a1aa35ce3c

Request headers

accept-language
ja-JP
Referer
https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:06:35 GMT
Last-Modified
Fri, 15 Sep 2023 08:55:57 GMT
Server
Apache
X-Permitted-Cross-Domain-Policies
all
ETag
"1a95254fb-1cef-60561f5f98140"
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7407
Expires
Fri, 08 Dec 2023 01:06:35 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 99C9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuLMOCfxdAt0VY_JC5nzrBOPTqez4IchqSN62kJjXLXsjamy66K_wosqar1zSGe984L1nrHq_LmjuWYkMkEThvr8XydgRSaMeksiwa5NuMIf_3oXJ8bBE7_vi7svW3i8eQoedBYsqZ1aw6EsYebddeDBlD1euVTzbj_Y8MwPYRobtuzgsqCwDitY72TOMnKkJXqVfLHFhqy5gY26mAB3FsvuTckpjvwrxkMhi3FB48Un3G1evJq5mNZxOVB9GNtlSqHejgm2bzjS9-oFbTmhkye5PwVQwfgwuL8HhET6YtsN_-bD-dKIE5TqRpZYRNDyJw9NSg_hYWin-rRnqKUC_aMMnvaT97bq2AJ1FdkZdfUx0D4-EFrtS2pJSNpiuQI_Ec&sai=AMfl-YTcg7QS0Um0RW9ozE0HZ1ACcvfVL0dXl2LGaS_Z_qOkfu2CAQC4srNTb1TUa4pXuCB_Fsl_NZJ6yu4zYXNbKZ_Q8dsPGN9lDwQOFUDMVJcJ8Q_sfIy0I_9R60Vi4y7r1QAQpRKToQcYRQxHwUIe7GqgAgqxZuk1NNGd_g&sig=Cg0ArKJSzK4wF3tNCLK7EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 08 Dec 2023 00:06:35 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6F78 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslDYjJf7yy-WJkiKFP02oJvzNJSC59VaKr6QoVD-cHPgraumnKNXuNG1igqbzV48Yjn5Z4vlBG4pkdmidK_fSlEOsOk6QRaPO1RrKaLHgOewqh1uOK3pSWrhYrqD3ICOwUwiKv9Dj2Cg&sai=AMfl-YSA-txbkeHQdxAKJWoeNbhMs_PsmJf6proC6TQUyiijeiYJGmV630W7i7Yr0AbZoY1jz56eyJByxpq-RjChymW8AztPRetNSg1awuq-uj9ZxyYB5LL0glDlT63ND8hEmM5U-QvaBtpZ5xIOQrvPzviVnxSjeCECPVg&sig=Cg0ArKJSzFumwbq0SvL2EAE&cid=CAQSTgDICaaNftU_5GuavmKMeYa_4e6EsZ_4ByMO3HZjlIUMDgsy7Co9l0H7oj6TaqIv587T-i9THYJ-yUCgltvkLJOD0RhzDTvadYLneh_hJhgB&id=ampim&o=1030,108&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1083&mtos=0,0,1083,1083,1083&tos=0,0,1083,0,0&tfs=1757&tls=2840&g=100&h=100&tt=2841&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 570F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstk6iOLNiTTXODRBMVI9WXhFxiQ3XQoEAubdWZQDlX-V56Mu-FDsP_8cwGPMpLQeXgZLSZNuZEyjB7HzB7o-5WGDYm3lBI5UuNHGLcsBwleyV72lyNWB2cObHBjp-H_ocEVg_qQIHhTzg&sai=AMfl-YQMW7vKl9JZdFxpti45nFxPX0697jhUHxV760D-JxmJ-DlgJwVXi91gIjAPm3veLMXg9i2hqG09u01r-7Qly1cgSCtRBfNe7NjJ81nHJk5ayJySkZwQUfUX-FdWyjo5kloFCHLdfAZaHVTaGOrZrELibKcMQD71IUU&sig=Cg0ArKJSzJ9kX6dp_XeEEAE&cid=CAQSTgDICaaNftU_5GuavmKMeYa_4e6EsZ_4ByMO3HZjlIUMDgsy7Co9l0H7oj6TaqIv587T-i9THYJ-yUCgltvkLJOD0RhzDTvadYLneh_hJhgB&id=ampim&o=270,108&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1035&mtos=0,0,1035,1035,1035&tos=0,0,1035,0,0&tfs=1779&tls=2814&g=100&h=100&tt=2814&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SegoePro-Semibold.woff
dco-assets.everestads.net/ics-campaign//5031/t/8979/13/fonts/ Frame 8BA6 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/fonts/SegoePro-Semibold.woff
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.100.19 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-100-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dba5db65eacdd32e82b077fce0282798e8a702ecbead9b1a1afc305c2fdba33c

Request headers

Referer
https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
Origin
https://dco-assets.everestads.net
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:06:35 GMT
Last-Modified
Fri, 15 Sep 2023 08:55:57 GMT
Server
Apache
X-Permitted-Cross-Domain-Policies
all
ETag
"1a95254fa-74a0-60561f5f98140"
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29856
Expires
Fri, 08 Dec 2023 01:06:35 GMT
e51232cf9fc8dd7b4756cbe34f3be9cc.png
dco-assets.everestads.net/iCornerStore/rescaled-images/MICROSOFTSTORE/current/ Frame 8BA6 		110 B
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dco-assets.everestads.net/iCornerStore/rescaled-images/MICROSOFTSTORE/current/e51232cf9fc8dd7b4756cbe34f3be9cc.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.100.19 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-100-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c

Request headers

accept-language
ja-JP
Referer
https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:06:35 GMT
Last-Modified
Mon, 04 Dec 2023 19:53:08 GMT
Server
Apache
X-Permitted-Cross-Domain-Policies
all
ETag
"106564822-6e-60bb47797b1b4"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
110
Expires
Fri, 08 Dec 2023 01:06:35 GMT
dbe512c2dfe33374d9f21754fe2103e0.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame 8BA6 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/dbe512c2dfe33374d9f21754fe2103e0.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.100.19 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-100-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d4ae677eb05a7cbf4df32537fdef742116d54a8fe0b6ceb335ac564777ede299

Request headers

accept-language
ja-JP
Referer
https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:06:35 GMT
Last-Modified
Mon, 04 Dec 2023 19:53:20 GMT
Server
Apache
X-Permitted-Cross-Domain-Policies
all
ETag
"152979814-4f19-60bb4784f8c39"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20249
Expires
Fri, 08 Dec 2023 01:06:35 GMT
0b69673cabb63518958b2b9a171ff66d.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame 8BA6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/0b69673cabb63518958b2b9a171ff66d.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.100.19 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-100-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e5822473962458d0280aa5c92e6c8da3c4a10cc76ea55bd3c06ab8bf64eb4bd7

Request headers

accept-language
ja-JP
Referer
https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:06:35 GMT
Last-Modified
Mon, 04 Dec 2023 19:53:52 GMT
Server
Apache
X-Permitted-Cross-Domain-Policies
all
ETag
"10573e08d-78f-60bb47a35fd66"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
Expires
Fri, 08 Dec 2023 01:06:35 GMT
dbe512c2dfe33374d9f21754fe2103e0.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame 8BA6 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/dbe512c2dfe33374d9f21754fe2103e0.png
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/js/script.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.100.19 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-100-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d4ae677eb05a7cbf4df32537fdef742116d54a8fe0b6ceb335ac564777ede299

Request headers

accept-language
ja-JP
Referer
https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:06:35 GMT
Last-Modified
Mon, 04 Dec 2023 19:53:20 GMT
Server
Apache
X-Permitted-Cross-Domain-Policies
all
ETag
"152979814-4f19-60bb4784f8c39"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20249
Expires
Fri, 08 Dec 2023 01:06:35 GMT
0b69673cabb63518958b2b9a171ff66d.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame 8BA6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/0b69673cabb63518958b2b9a171ff66d.png
Requested by
Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/js/script.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.100.19 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-100-19.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e5822473962458d0280aa5c92e6c8da3c4a10cc76ea55bd3c06ab8bf64eb4bd7

Request headers

accept-language
ja-JP
Referer
https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Fri, 08 Dec 2023 00:06:35 GMT
Last-Modified
Mon, 04 Dec 2023 19:53:52 GMT
Server
Apache
X-Permitted-Cross-Domain-Policies
all
ETag
"10573e08d-78f-60bb47a35fd66"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1935
Expires
Fri, 08 Dec 2023 01:06:35 GMT
imp
analyticspixel.microsoft.com/aid/ Frame 8BA6 		0
673 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analyticspixel.microsoft.com/aid/imp?dcoimpid=ZXJeCwAABJp7PUEz&dcmadvertiserid|8391437$dcmcampaignid|30056896$dcmadid|560370865$dcmrenderingid|168255087$dcmsiteid|6958819$dcmplacementid|369312118$customer|Microsoft$dv360auctionid|ct=JP
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.204 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0005.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://dco-assets.everestads.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E26AD3837DBF4F1598C019FD7203673F Ref B: TYAEDGE0708 Ref C: 2023-12-08T00:06:36Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA4F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BumsmCV5yZandLNmfid4PsMGR0A0AAAAAOAHgBAI&bg=!4eKl4q3NAAY3kmNgF5I7ADQBe5WfOIkDIZZfGeuAs9lffeY26O7MloZbZEpvWfC2g0JyNJsFsGujIX5exp35ldRL5Dm8AgAAAnhSAAAAC2gBBwoAJanIRWXWcEvGZ_F7AdHA3C0NMadIT3aA1ngjQY7LCY34LXqiuhGZA0n8-1hONnygy1aKyMTAXm9UYHgPp72wXnYIy8a92amG-pPcTK6C7XCU4KD1LthJiC5AYXtKMGMqOWVuUMzTOByT0jeaPmWK6qmpshUN2a2Iwzr01byAdPfe3kACZHMcdczlwJrkwV2sSugyoCj4iF3e8_bBU_akIXJI2739ToR7kFMLArvx75eCf5V3o43JWcOQwe9NrLxZ2BmZOyIjMB4qHMaT12-QbDfGfYOTFyjfQ7Np_41rCZwH2zacFVqiu1DvFvmy6m00vLKTDjnHYnmOUy0akEHwiGzV1PCFvsQuqBdY-L1fx3BYLJ8Z_g96J6ZiBFRY7TwBQRGmI9MMvkx6RR-sFVR176kVPkJNoWb6WPDj2bebLwsv5OiWcyv-qKXSkT3M039YAfyV5sC2EwyCtmyg8AdOUGP9VVtkrJHcXz4ZGW2UfxUfQATCZDxTBDdloVORT4wzXiZ6G5PhlPuPa2igzE_kKncGym2WjXka9CfV6MTZ6iVOC5IpK1rZDTokZcKXdR4LbmIaheVmpc7LcQQED-vEyR5ttXb7kkuPaIvNjYHaDPbTJH4rliU9q9d3fOcN0XYvg5KvLDiZ6ez_E-ewNj6bhUGGYI0c4Llnof3SqFIZ23-61mVK8X2CDEKahy56NObqIvKfpyNI_wLw9InEKntWPRta3WgEA8T6DW-q-tV-l1Kg7hRJXyu0D2adpD-A8anBGuVlE-r-UPE5-pQWwRuHnskLg5AsOmqfpHCruN6Q0SHLKCNIy9_H-zDIp3ohqd9VYycF2NpdtUCFYj4-YGQEvoZfQCJLV9vAyaDwzCyw80LDFFzRnZKf06XnVwFkHvP8V6tPJz3CbXizEKcy-ImaTryq6kY7u7oZGPxkBgYMxahTvm93jrw1NWmkcV_zPcSwUHTG9P0qPR7XBnrYSuotP4yG2fxYdxuc8BtckgOiTXyVLVV2Ybzyh-OQHYUhVB3IwsLB3ydFu8Y4Smi4oh5JLjc5y-hyqKjG_zVnMOfb72aCZeQI3giAXVLc96yj_gZx9uNXnYnfwUOV53jESQ1f2LVa8DfDD-KHnqzmFSWv-dSNkmSiqhF8bMXBuBhppxkNazlpzVRctrrKC5CtzueoeY1E
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 3CDD 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525516&asId=5bf627fb-b17b-1649-df4f-8c5b32ed3ffe&tv=%7Bc:wc6PRQ,time:1695,type:e,im:%7Bpci:%7Btdr:1540%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1695,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:79,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1684~0%5D,as:%5B1684~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:149,fm:tXNLlHh+11%7C12%7C13%7C14*.1525516-72173819%7C141%7C15%7C16%7C17%7C1811%7C1812%7C182%7C191%7C192%7C1a,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:81,sis:609%7D&br=c
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.233.91.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-233-91-192.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:36 GMT
server
nginx
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 47C7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXeQdVV1Fh7kWQYKus6rwHkmn2UjHKstvNmwFKW0-lGCMr6J-BqJj42dh6UvbtgzJe0joX2xUXD_7uzbA1OK1sU7d2puVMLPcQ3g3yysaRgs-a_wxf7hqTeo3ClPSxmU-CurCtMZvfO-h16MLaYmdtS2BvnrKCC7mCWYWbe03cnIVQ3JaSZ33Ca2jU6Fl7-TB54HkGE8yQCGjSfoe7-pWz7IEh2bzsXDRz8VnbXspjYXb4OmIULJLsxbhw89SMlMh9P0_MBQMjYYY-9Ac6ExW8Dion3qLOoTlyigtaBH-NTPUM5ShZ9Oa_oqxeBR_EvtTLYxw72P68OlyK44WPSPlsAYd54_XQdG7SoYz1nIpERJcr9iXvZHBhdvJs2w0puio3BrgTu5lRFuZIyCWi--YN-VtanRdYyCSPDfNVF1K8x1UCPARt7eiNBLnlyvJJQDFcYrkk29E7SsOnIvuOUyXKkVep5eiqjN8h3qEL7VGY0p10xB7OnynLlV34Ar3wd4a8mwiVN1rC4t-MR7-LyMaDRjYKrrcXP0rtykAdtIyk1FMTNnPZIHRDgWiPdhilpgLcCAmktbCXsoF0MMfl0t84MJ6-eoURcEaRzgn9a9TWGqcVi4WLSrEguSL_I9qoFlSzdwZkp4wWQBOlZOo0dK8MoMmL99uJ4isGuZYYBPUlg30lnWnEf-2JETCgQI1oK3sizTDvX9CvlK5sh7DICdh8eG3qv5AeLk6YGV4TxoizgvnbpQEgCl1_1LuoDv32PHZe4g_WSPyhl704mjWpWxqtO_PUL5CheiH9flyy8lCqJFY8OtsQJPgUXj-9GdRNsgVlRqQKamcJbGndC-L6ykhUK4Qfev06LqQeSe-EKsYDVEz6M_TwTvfM6M0zoPCOJ1rmEHoBlZphugnWxZPJnhh641FjScdm1asrml73p84Di6HRVj_RjZeDpedQxksZqU4-NWKTt2Gn43wvbf7YHTAsKLoTLIBnFlARIq2fQzDEbWJ9kgZR4iF00ghTZIgVTs42yEB-UGXVX9_qOuPd682nBCx4g7EhGgo8AVG0hJen4nwYSHI6W1Z-9ZDBAcMSTn1WkBrzpKsKwTKC2aK-Ij7s46c-S1I3p5e252Dt9amwDrm1b0qCt-q_B_PSlB2NOmC0-Hv_UWyZZ3-kfaIsmsdozS1U707KvWqQNfs04_yyavRmv6StYQibL9_qSiE82TJ4MgNvhRyBeswK3SiHIXxCNKaviIvWJ16JauEHRbwg-zURGq9bCQlmlMfEMVJN9Ulcz3wj2n4bHMmNeDjG2of1DK0qIKTeoLMq9Db_e3gLJykad1jsW2nXOT03ZypsEyb45kw8xq1rRukAsneQ46VgHbyCruY_shl_agu6Vdl-SwnnCbWyruxjpuHErlaXgp4wDlxRyH7Pg0oM6FiQVRqzrsF7g6JVOvdA92w5huJ2BWlIHauJT3tLeRmL4xcmE_XnJWCcTt_umWILHcuuskGLtPdS5zHjrWFHLqf_LChkTmaic4L7iv0wYSJhXQ&sai=AMfl-YSYRfS3XL9MnQrubuKQPyI2ooSSqOSmKy7E7diBpCvJYvpGRzfhE8H7JZe2-Ry5Eqr39Zl2ddiSLRlBWbpO8cQvr6pF8N-RSIVfR0B0WwXF52uoyJuqttYTLI_Bo5MSrzDEKp_yQEQZiMeGQ-dzFP__8Fk9zE-Vl0yK1TjARxeJxoJ15w2p&sig=Cg0ArKJSzMVuFkwl3eY_EAE&cid=CAQSTgDICaaNftU_5GuavmKMeYa_4e6EsZ_4ByMO3HZjlIUMDgsy7Co9l0H7oj6TaqIv587T-i9THYJ-yUCgltvkLJOD0RhzDTvadYLneh_hJhgB&id=lidar2&mcvt=1003&p=505,315,595,1285&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=81851380&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701993992881&rpt=2087&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3CDD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstAhDV8AbF7W7EobUSJNRs9EQzWT_AXGJkd471IHvjtvKLvaC7X0IHNvQ66Knm5bAXYSXbGPQV29Tlyf5xBx3mJNySipFBCPBqfbKeaJzeBlc-EBIm3dKmlfl4bNsVQfLU68pj0GIrJ3w&sai=AMfl-YTe0uOYfb65T8nmC1cLPm1DaWzbebqvEkRhRHcd0PEGfTLNyZ84yC7Nj5JJeNsc2NcgJSPrE1CnsbH-S1MmZIJxBOhzEnHpiZxNNQuDhn0oK0PRJwlrQdHUYSPf6JZwusppfl2yv4MZOMNVpKILYGhAMThtAxOYM04&sig=Cg0ArKJSzETMkXT25tVtEAE&cid=CAQSTgDICaaN8sBhwp5pPYGFFbIsgznwPXpXtezVFI2G_z-oHVjfPHLlggfa7KqAHNTsIb0-4CD0F0oNTxzkr7IsvYO2ChI7UGXnjqOJlWHm4RgB&id=lidar2&mcvt=1000&p=978,1352,1228,1652&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3261691140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701993992741&rpt=2735&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CDD 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6281424441733&version=m202309260101&ct=76&x=1&cor=11532257684692253000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 99C9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxD6ar1unt5CMY7fN36Zt-cuBRLhF0jc52wq_9p9lY4LKWi4hQYmFoShDfFXSt071QOynaXfghyU6-rUeqCxRxVe6FTTOhbBsnPkXpcH4bw_hhtlOt_CoXPN2axrwOHTcjm53_svsHww&sai=AMfl-YTX0v-On1KPFcUG9LzxOqbOARY3ZlPK42wBWk7Vsak9gcAp3DY&sig=Cg0ArKJSzEy6daDj9c0jEAE&id=lidar2&mcvt=1003&p=378,799,379,800&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3271617715&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701993993036&rpt=2709&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 045A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvimpzLblh-obwdCLD7Q_q3cayUoFw5K0EndsqhZLaSwIHMxohlLa6nmGfGbZcs8GRk0y4ox47jlqJI-YlN3WckAqmQ7DMkcEJa4Qf3bEVyq8I0XOyQrTEcYoDoWQYx0t4m2gMsx-M1idhiiQDF8JkiIuc4zGrr9cuAP9VSHKHy7xQ_wsnto4-_yKcSUiBI3WS5Bxg0_xze0tJSZYMw403d4RXZwEuHKrkNw1tmC6nbLj44NXSm5XDjqzfpCKTloffhmEi7fGggy4qBRQ353mLpeKD5usklaCflKu_Sb01fB1c888H6hntLKEqtFICc2Vh88nL08N7i_Xd2KuwH3uWUdnevkr2t5JGeZf1Ei-Tf8fWtvYbOcY-yBraMrc9XEnc&sai=AMfl-YSUR3fEW--NGlSBOcAwlCKL6vKEBUqirZmKJx_rbA5s_n5Zf0zNARH6Z_PLPHJbQGaaGPHJL1ibL2GF1BH9NFGsv5pSyoTYSkMOi_T0lnPOrSqHPZBDLv4vQT1_SOwYyJoZYx8e2EvG4jRZqQz-75MLC5PS9p6r2jR63Q&sig=Cg0ArKJSzK4XATCVmsWCEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 08 Dec 2023 00:06:37 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
cafe /
Resource Hash
6ea5e93696c76bd67ab79844677ca0dcabf73f716a4f361f30c63a07d236b5b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12396
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 08 Dec 2023 00:06:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 85DE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
13558
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 20:20:39 GMT
expires
Fri, 06 Dec 2024 20:20:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4F1B 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s51-in-f4.1e100.net
Software
GSE /
Resource Hash
8236f0281d13b7bc849257de0dab607563488d2b59a70eb2bf5bd6e3430dcecb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QncNwVkHWhA3duN15BiW8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-QncNwVkHWhA3duN15BiW8Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 08 Dec 2023 00:06:37 GMT
expires
Fri, 08 Dec 2023 00:06:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 85DE 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 13:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
38979
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 13:16:58 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4F1B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=14820123254127&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ Frame 3CDD 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525516&asId=5bf627fb-b17b-1649-df4f-8c5b32ed3ffe&tv=%7Bc:wc6Qkz,pingTime:1,time:3476,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:79%7D,%7Bpiv:100,vs:i,r:,t:2449%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1027,o:2449,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:79,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2439~0,0~100%5D,as:%5B2439~300.250%5D%7D%7D,%7Bsl:i,t:2449,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1026~100%5D,as:%5B1026~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:118,fm:tXNLlHh+11%7C12%7C13%7C14*.1525516-72173819%7C141%7C15%7C16%7C17%7C1811%7C1812%7C182%7C191%7C192%7C1a,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:81,sis:609%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.233.91.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-233-91-192.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:37 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 3CDD 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525516&asId=5bf627fb-b17b-1649-df4f-8c5b32ed3ffe&tv=%7Bc:wc6Qkz,pingTime:1,time:3476,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:79%7D,%7Bpiv:100,vs:i,r:,t:2449%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1027,o:2449,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:79,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2439~0,0~100%5D,as:%5B2439~300.250%5D%7D%7D,%7Bsl:i,t:2449,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1026~100%5D,as:%5B1026~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:118,fm:tXNLlHh+11%7C12%7C13%7C14*.1525516-72173819%7C141%7C15%7C16%7C17%7C1811%7C1812%7C182%7C191%7C192%7C1a,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:81,sis:609%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.233.91.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-233-91-192.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:37 GMT
server
nginx
x-server-name
dt26.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1701993991020&gcd=11l1l1l1l1&dma=0&cid=1582687958.1701993992&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1701993991&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&_s=2&tfd=7013
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 85DE 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?lc95-w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.222.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Fri, 08 Dec 2023 00:06:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 045A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsus3rAh-A7mbitfyHgaEOllbG6xj3Bdex0zW-II1BcRUnS_9H3MeRv3kHlHA90rRyRx6KHKKxGEcLQRN1W3odZwTA_WpFREXfQ5tQq4u4gq5dy-J4z4UleryIM-uxYqzR37Tr6ukDFhnw&sai=AMfl-YTJtFkXpYHXySzFDttkdrUmbBwZ8Fn5XtGhdnPYf_5NjHAYYAk&sig=Cg0ArKJSzNbzt9qo08GZEAE&id=lidar2&mcvt=1001&p=108,650,358,950&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3242553145&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701993992976&rpt=4452&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312040101&jk=14820123254127&bg=!GRqlGlXNAAY3kmNgF5I7ADQBe5WfOFljypYDwCTmkyxP168ooNXtshNqYVRKDj8iLSao8dHujGoeLYM255j7QwAemDceAgAAAT9SAAAAC2gBBwoAP_uhNwWApU6wziC9Mjp8YpoEJ2JKNCt0escE5kzOxz9Hy1z3MISP9dgftkiKhXZbIc2b8TMh5iDgBrPs9HQJypkC4B2IC-nno3RYh9L5CmsMyaNlwfftEVZCzrSdbiZPQ1CY7ecrjgd9cOThAiNZmsjLAryUZ0JDjgTZUv49eGHFYY3T2KkWxOzAHzkbdeUufedhCQFfZeFlYMS2Indok7EaGtyK8MjmihkSQx0hjanVhpB9GDr9LpAp7YZvtI946Xg2ZW92_FbQ4EbE3_rv43AyDIOpXFtgrR-45VAuCQw9baGj8Zy9mZD8AhTaLUcXZEi8VSc43SZyU_zJIEKUm8_awgsZeL__uzrfXbYhI5q1NDg5cLvDbDeDttk22bwGMSaZkb1eRZlFod3MFoK6VmDn3L8B9FEZBq7XAFrcbaEwHAVdPYUVXdl4Iimqcl23tBbh1TVik9QWhrQ5bbop9tDKoo6l_eBeQSoNMq9IrR7FgBP0Xd_tqlb_Df9wfNN_eQPkFx2A0nUjgTfNr_aeiueOCmddAqq7m90yeWwzVT3PqBgStZVe4Uk3PPa-oTXZgf9LZMXuMax-DCBBZm1zpj7t5ybNVXFiWtLngv6ua7OCY_1_RbDD7dmgh3L5DFNUalMsBzNreDYX-EgTytGocwni76jYTzJpsrfo-7Q2aN8eXp33_YKteZHNWj7hMudVEuUfu3kxSLIv5LZsQEQnxIM5QACyuwlWHftxzc7VVgyvbu4yPKkaasW9WdX7c2nkirudmFTnHnJ9StXyLPmeM1qT_5GNroTyR6EHKeBQwg7YkG3f2QqsvADISjBJaYvk7y_G9bAedxEZIifHM5zi4eRiynkqQhrTg4xsA42cIy51DZLOQt14amxdjlGWqHXIJmqG0IKPfZ8msgzvq_Mctm7vYXz46Bys-vXkopseDsGd9OeReh9p85FW25enE4wLVDOE1TQKD0o1JxiNZASWI555TcytZ2Qwiihvyg8T6ubpy4NhnwmtfJ74AJTPRcxWkGGkFooXB7_p_qgDpqqsE5seWzGxyAxQZdwJcwXVLyKc7HY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.206.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers
dt
dt.adsafeprotected.com/ Frame 3CDD 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525516&asId=5bf627fb-b17b-1649-df4f-8c5b32ed3ffe&tv=%7Bc:wc6RmF,pingTime:5,time:7450,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:79%7D,%7Bpiv:100,vs:i,r:,t:2449%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5001,o:2449,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:79,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2439~0,0~100%5D,as:%5B2439~300.250%5D%7D%7D,%7Bsl:i,t:2449,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:126,fm:tXNLlHh+11%7C12%7C13%7C14*.1525516-72173819%7C141%7C15%7C16%7C17%7C1811%7C1812%7C182%7C191%7C192%7C1a,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:81,sis:609%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.233.91.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-233-91-192.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:41 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 3CDD 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1525516&asId=5bf627fb-b17b-1649-df4f-8c5b32ed3ffe&tv=%7Bc:wc6RmG,pingTime:5,time:7451,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:79%7D,%7Bpiv:100,vs:i,r:,t:2449%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:5002,o:2449,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:79,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2439~0,0~100%5D,as:%5B2439~300.250%5D%7D%7D,%7Bsl:i,t:2449,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:126,fm:tXNLlHh+11%7C12%7C13%7C14*.1525516-72173819%7C141%7C15%7C16%7C17%7C1811%7C1812%7C182%7C191%7C192%7C1a,idMap:14*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:81,sis:609%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.233.91.192 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-233-91-192.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
ja-JP
Referer
https://42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Dec 2023 00:06:41 GMT
server
nginx
x-server-name
dt26.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=UNKNOWN&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19699.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7310008530721332677&__req=4&__rev=1010282616&__s=%3A%3Asir275&__sp=1&__user=0&dpr=1&jazoest=21818&lsd=G375xAPsivh90lUUo-yHNG

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture object| sas object| googletag object| adloox_pubint object| anymindTS function| startAnymindTS function| gtag object| dataLayer function| Vue object| renews function| getRenewsFeeds object| app function| fbq function| _fbq string| labelToken string| category string| GoogleAnalyticsObject function| ga object| ggeac object| google_tag_data object| google_js_reporting_queue object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| onYouTubeIframeAPIReady undefined| google_measure_js_timing number| google_unique_id object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_145 object| Criteo object| Criteo_identitytag_145 object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| _33across object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| GoogleGcLKhOms object| google_image_requests

49 Cookies

Domain/Path Name / Value
.prnasia.com/ Name: __cf_bm
Value: XwuwnK0JD9toxMdYSSEm5P.KxJqdrvyBwkzTc_ogbPo-1701993991-0-AfZscck6FMxG85R5PqVv+x2fNbsZY/03nwHECSUMWCKmQ/TV+Ufk2e3iKTTNraborWxctUAzXODU/MBfmqORPhc=
.reurl.cc/ Name: _gid
Value: GA1.2.672608448.1701993992
.reurl.cc/ Name: _gat
Value: 1
.reurl.cc/ Name: _ga
Value: GA1.1.1582687958.1701993992
.reurl.cc/ Name: _fbp
Value: fb.1.1701993992341.266681637
.criteo.com/ Name: uid
Value: e86e9c04-9f5e-4e28-bd1c-71f6a636eb17
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.reurl.cc/ Name: __gads
Value: ID=1ceddfd58b4319c4:T=1701993992:RT=1701993992:S=ALNI_MYbDUEyF6KmKsD40GnThVcrJp77Wg
.reurl.cc/ Name: __gpi
Value: UID=00000ca6e113c61b:T=1701993992:RT=1701993992:S=ALNI_MaVBl8C-srl4Kx80jQN2jqqiMPoQg
.openx.net/ Name: i
Value: 560a1668-d6ef-4bad-808d-669aab8f21ba|1701993992
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: c969e5323cd74262e2a2a90fc47f61a7
.doubleclick.net/ Name: IDE
Value: AHWqTUko0nzZ5piFsMWbZqJRdlMgtEhrTTmFkuIviWmhLWiVml5x9IhX4a_9Srw9OnI
.reurl.cc/ Name: _ga_N394QBRGC0
Value: GS1.1.1701993991.1.0.1701993993.58.0.0
.reurl.cc/ Name: _cc_id
Value: c969e5323cd74262e2a2a90fc47f61a7
.reurl.cc/ Name: panoramaId_expiry
Value: 1702598792878
.reurl.cc/ Name: panoramaId
Value: 100d8edda8a6a4dbc72d8098c689185ca02c2909f3c41decdc475d41240b9463
.reurl.cc/ Name: panoramaIdType
Value: panoDevice
.send.microad.jp/ Name: TR
Value: 1e9b9cbf7a3936615bb2b61dbe6feb750c24042a5f585149
.turn.com/ Name: uid
Value: 7400503878722591713
.doubleclick.net/ Name: APC
Value: AfxxVi51JTUAhtxj9e4h0kuWnP7BrIQSG68HvnogTABvCafsXnLhPA
.reurl.cc/ Name: cto_bundle
Value: nTkeUF90MlZjJTJGVWpmZW9UNXhTNk0lMkJMV3BvVDhEdEJwSSUyRkJpVlQza09YeG4lMkZ2ZHVrcnJ1UEltb0x2NmcxMlolMkI5d3ZRZ2ZDUnl4Zm9lYkd1cEtFNXh3ZjRoTkg4SGdEaTRsOXVVTkJzUUJFbWhMVmNsbk1yRSUyRnhsdkJwTjYlMkJ4MmhPSGh2RTVPZVBKY2JMVmYlMkIwc1ZyWGR1Wnp3JTNEJTNE
.doubleclick.net/ Name: DSID
Value: NO_DATA
.openx.net/ Name: pd
Value: v2|1701993994|jElYiuvOhI
.holmesmind.com/ Name: fcm
Value: 1
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzAxOTkzOTk0fQ
.adsrvr.org/ Name: TDID
Value: 115a1572-be2c-466e-bc9c-f4f917af2091
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjulLnTiOO7PBAFOAE.
.openx.net/ Name: univ_id
Value: 537072971|115a1572-be2c-466e-bc9c-f4f917af2091|1701993994338072
.lndata.com/ Name: admckid
Value: 2312080806331731258
.ladsp.com/ Name: cr
Value: 1
.ladsp.com/ Name: smn_uid
Value: SC0dK_av-egFcZRNQs85aRA7ezhVxrU
.ladsp.com/ Name: lum
Value: CKuy_bXEMRIFCAMQ0AU
.holmesmind.com/ Name: P
Value: 901090-3lZy8L1gh7VOFlZq4S1uf4a6r84eI79M
.holmesmind.com/ Name: Vision
Value: 20231208-23:59,20231208-11,20231208-11,20231208-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.reurl.cc/ Name: CFFPCKUUID
Value: 1850-Av9t9P0GTH24JG3nsomzPAHs6KmHFQ5x
.hinet.net/ Name: uuid
Value: d3c85ad0-b1e8-4080-87aa-620fb87a02c1
.reurl.cc/ Name: ISMD5VERSION
Value: 1
.reurl.cc/ Name: FPUUID
Value: 0926-1ca4ef9d0a708f20e44a3e0070ee8a21
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZXJeCwAAK2-D-Qkb
.googleadservices.com/ Name: ar_debug
Value: 1
.holmesmind.com/ Name: R
Value: null
.holmesmind.com/ Name: G
Value: we3u7ZGJymKY5J47cKd8kQ==
.holmesmind.com/ Name: d
Value: /jHzqDFxfoBZ4WTyQK3MPaD5j7NQOgUkv1Txfycvr2ReudB2dm6t0KDrpHJuqax6WjAFQ16PJy71RxDiXPBzgA==
.microsoft.com/ Name: MC1
Value: GUID=026a9c57246447b1bdf31e679b06ba6e&HASH=026a&LV=202312&V=4&LU=1701993996163
.microsoft.com/ Name: MUID
Value: 2DE2784814C1687E3A976BA910C16E6A
.analyticspixel.microsoft.com/ Name: MR
Value: 0

4 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

42a6b8840cd8418495bd28acd0daba8d.safeframe.googlesyndication.com
ad.holmesmind.com
ads.everesttech.net
analytics.google.com
analyticspixel.microsoft.com
anymind360.com
asset.re-news.tw
bcp.crwdcntrl.net
bid.g.doubleclick.net
blog.alphaloan.co
c.holmesmind.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.holmesmind.com
cdn.jsdelivr.net
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cm.lndata.com
connect.facebook.net
cr-p3.ladsp.com
creditcards.com.tw
d.turn.com
d3c85ad0-b1e8-4080-87aa-620fb87a02c1.t.ssp.hinet.net
dco-assets.everestads.net
dt.adsafeprotected.com
fcm.holmesmind.com
fcm2.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i0.wp.com
img.gbyhn.com.tw
img.racingcharger.tw
invstatic101.creativecdn.com
jp-u.openx.net
m.holmesmind.com
match.adsrvr.org
mma.prnasia.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
reurl.cc
s-cs.send.microad.jp
scontent-nrt1-1.xx.fbcdn.net
securepubads.g.doubleclick.net
static.adsafeprotected.com
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
storage.re-news.tw
storage.reurl.cc
t.ssp.hinet.net
tags.crwdcntrl.net
tg.socdm.com
tpc.googlesyndication.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.rayskyinvest.com
www.facebook.com
104.17.238.194
116.50.36.71
124.146.153.160
13.215.134.10
13.230.11.166
13.231.14.23
142.250.196.129
142.250.206.195
142.250.206.226
142.250.207.2
142.251.222.1
142.251.42.162
142.251.42.194
142.251.42.195
142.251.42.202
143.204.126.44
151.101.129.55
151.101.65.229
172.217.161.67
172.217.175.72
172.217.175.78
172.217.25.161
172.217.26.226
172.217.26.228
172.64.152.89
172.67.150.31
18.65.185.102
182.161.74.1
182.161.74.11
192.0.77.2
192.0.78.236
192.0.78.25
202.233.84.8
203.75.214.136
204.79.197.204
216.239.34.181
23.36.100.19
31.13.82.36
31.13.82.7
34.102.146.192
34.117.23.234
34.120.107.143
34.149.98.30
34.95.67.231
34.96.70.87
34.98.64.218
35.162.61.47
35.185.130.121
35.190.31.54
35.201.76.93
35.227.249.156
35.244.196.223
35.72.69.55
44.233.91.192
50.116.239.135
52.223.40.198
54.95.167.198
61.216.47.122
64.233.187.157
99.84.133.103
99.84.133.64
99.84.203.45
011d8f4627d33f18e7d18df96452ab3a74b6379d52d726f2fef4ec3f21c0be98
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
07a4e6e29c941243f89b66b95f71169d367abe2df067120a46ed95e522f78914
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71
096f85ac6d28eb274e8f6bcffc83c4d3baf2041bd4befd0adea68c566b20c57b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3
1180f874b584083b79efaa927508773cf992ba632d1ee5392d002e64926b7cb7
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
178c5155804036d8753c8363715bba65049c5f8e4b5dc047d1d708377ba0290a
17c594435fc9e70198aa5b12b86065ea83fd5769602260ae758d0fd698c0f997
18c1290ed22e75df938f60831d47506fc214b7d6674772e82f0b5b6f28ead5c9
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
20410d0c8fa1594557fc87207e00271d02a633cbd59a38960bf86760d2bd062c
2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef
210a1844b44ee812009792b36baa2958dbe5803c2ce3bbaa1589e16505a92a61
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
226d20c2725e876a96edabbbad4ca3709478995aac12ff27b7efff45d73d96c1
25544841fa3a467c8c2caefca75e21616e0874f1564fa14e975ef770dc52c9c4
25ecb881012fe685fd29e52466d2641682e217f11cc407893818a2a585967f98
2af9dcd5f220b6aaa7fb46c21e3a9833abce8a1d7953c0591013081dd73c6e57
2bd128170f24b963f67f17e2a1312ae8371c44c3ecad64cedde585555f4d55ef
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35aea5afa69eee0a6a77678f980729d3893f8ff4b2872e749c4b7f6375503710
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3edb7d7cf4bd2e766e90db553560c32cff5e84208ecb968a441494cbbe087ec3
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4372a9b8ce26d68f5c9a53975683bc05d3df25cf5a2e0177569f58258b6be160
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
4565b0ac5807d5b75a1f8c8715bfeb4c1275d25576261e8ed278f115b463cb99
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d5d27d2df23a576032d7d455ed2715adf3c9cc4c82786b1a6d80ae0d0857e5d
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
552cd7a7b75bb2d8b64ad1b2ea1bd5111b9ded88e77e5b74b378ca31ae2c8106
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c
5984c4331c1e31c39b448a694d5531460849f9045bb0d51c94b4c29563ec5650
5ace58115177bd9d342f148f9a2f6ba637b04e74fda103abe156a43f92c1a8c9
5bfe37a568c142cdb19b871816715cf8874b25e488947f6534602d8c64359499
5d28e955cf2bc7eab352b6053c691492b7436b141829f69b52f3639f86beaa96
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
675c68ec272e15adac541942a16ddfa45419f6f959147e4728a4e26c512520ad
6ea5e93696c76bd67ab79844677ca0dcabf73f716a4f361f30c63a07d236b5b3
6ed03c02eec456fe89e228d6cdf45bf7088aa9402beaab5a2a1214a1aa35ce3c
6ed2aeefa3712394f2720d2a8ea2d3841d75125eaf7548ac7b0758603a4ccc2b
6ee10af34850660e0e2c5405b21071347e3dcb8da60f0060281e6ff013238a79
6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
71f58649cf37e2f58cfaa2eaa1f9e292c721ab462b6bd022dc9e5feb9b8b2ade
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
76d876a0ca94f4f266438864b7cbb952eaa1d64b4011609a1129caf872725488
797b5a66e602ed82b529625669df13ebe1df3dbd5f43694db08d07d6e833537e
7ab05351d1257d38ef4ab7f85492cda992e1f171134f173a90b8eabef358c73f
7c363a0df8fcfb5937f3ea0fd2d1e6bd6d1a5f7e577184fbd8843a4baa2f7d7d
7caa36a2429987bf28f857262051ba65268681630d763af8489caa70a3a37dd9
8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499
8236f0281d13b7bc849257de0dab607563488d2b59a70eb2bf5bd6e3430dcecb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
841c6bbbb5de52a2907e9b2a232a8a2fbe5043d8b770cf6ba57edeca063857a2
8932c0173055e97db7d2952dcecd7d64f2d63290435d34c9fdb1c8291f83e40c
8a2388dd55b9d8f2f316b1fd31b5a298de4d4cf1c9218956da7195a131fc2f0c
8cd64e9cb7c303f18ae1c7b934c936ad14edecfb11851b0c0a9ae4f902b1e41f
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
926634a6e087f87bfa0f6a558dac909c9a0903c41d9b3ccdc00c2b8ba9f6444f
93a1d56041ca1822797c0c1521de1f2c1d49129224188b003e5f0b9224db86d4
940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
94d523edd701a50db76faf479f4e32f007cbd97ade5339313f1e5a1ef5b35a85
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9c95792b14cad4642ea9bbcb71cd49f6d2d57bd3a53bc1bc8630e26bbd6fd5a7
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a1e09863e72c952cf3feb7fd40c213a118cff8ab05fc86629e4ce20aa834cac7
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aa03eb68227b8878eaceea508be01259496077ec5ed9b375f84c77f577b843ed
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab537e5d1aad79aa80216444bb19c9f009e435a714c7815d7ab071210fccb741
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0f0fbf9b3cf511347cdd240a5b9d150a7bda064d49fcef52e4c0b7ef4451ae7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1b1661ffb71705ae01b3b0cea6c065ae93d49d6b547bfeeec0260fa92bf2793
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b6532a8976f6ae62ce558fdd4b6cda03032ad519a380a8c432c168b6b8f540d9
b98745699334e83f49350bbf814a657f787ae1d515b8e41df4856ea89dd2f8a1
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22
baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
c6038c490d9ba5f01b25f662e3621d7d1392fe815a9df8fadb659ae8cb2ade3f
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
cd1a1c2e4f6310a0fd024f0741f9adb892f52778f8091e55d1b0db68d8fc97f9
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265
d4ae677eb05a7cbf4df32537fdef742116d54a8fe0b6ceb335ac564777ede299
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
d891551f129f5784e720c7807cbd10b8b5aa4a8d9440880c32b521e3b89ca346
dba5db65eacdd32e82b077fce0282798e8a702ecbead9b1a1afc305c2fdba33c
dce3a7d75903f3a00ff7b72c2b3f3e34c786c0867a1398caa5212977e721d1b0
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de295473b58ce0fabd2da10a183774a361b4a96aa41b81d5fc83bd307bce1fef
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5822473962458d0280aa5c92e6c8da3c4a10cc76ea55bd3c06ab8bf64eb4bd7
e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e
e68718c41ef1c23f1640623633d26706d9cc4cf198c72be002c8594f9f9efcac
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e9ea28b131205e7444a09c2a75568af1cc0d6635a7cc8017286433de49e2062e
eb0110be59431fd3c8942faca7ee241aef70ddc66cc3316b645cc8ae6ca2b70a
eb4bc769e26150b9c878d7d6408c1053a0a0b6a800a5968de6832c02dc60f553
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb889ae27a520fb75bbe2194881e8cba73a87d5e2d5ac4c15df2a9b21e71a1d1
ee61135d442428fb468f27d98708d5bb99073d1d4e9d7b22aad4dbf8fda91e80
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2415a5fbb844b1c2fdf48ce0bb9dfa2694a153695ca753dc5f84170b334041b
f651a105fcd99d835117e820d776e4d79d2a10b4ec4fa6c61b69319f3db6f35d
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe