reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://reurl.cc/gaOWLp
Submission Tags: gc
Submission: On December 18 via api (December 18th 2023, 5:32:44 am UTC) from JP — Scanned from JP

Summary HTTP 306 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 76 IPs in 7 countries across 47 domains to perform 306 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 116978.
TLS certificate: Issued by R3 on November 18th 2023. Valid for: 3 months.

This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	35.185.130.121 35.185.130.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
5	34.149.98.30 34.149.98.30	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.1.55 151.101.1.55	54113 (FASTLY) (FASTLY)
1	2404:6800:400... 2404:6800:4004:824::2008	15169 (GOOGLE) (GOOGLE)
1 13	2404:6800:400... 2404:6800:4004:811::2002	15169 (GOOGLE) (GOOGLE)
12	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.244.196.223 35.244.196.223	15169 (GOOGLE) (GOOGLE)
59	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
3	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4008:c13::9c	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:826::2003	15169 (GOOGLE) (GOOGLE)
1	34.117.23.234 34.117.23.234	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:303... 2606:4700:3034::6815:6009	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eec2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.78.24 192.0.78.24	2635 (AUTOMATTIC) (AUTOMATTIC)
1	61.216.47.122 61.216.47.122	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	35.185.136.122 35.185.136.122	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.190.31.54 35.190.31.54	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20c... 2600:9000:20c4:6000:1e:5c56:d400:93a1	16509 (AMAZON-02) (AMAZON-02)
1	192.0.78.187 192.0.78.187	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2406:2600:4::1 2406:2600:4::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.35.49.117 13.35.49.117	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4004:81c::2001	15169 (GOOGLE) (GOOGLE)
1 3	2404:6800:400... 2404:6800:4004:820::2004	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.136.163.161 18.136.163.161	16509 (AMAZON-02) (AMAZON-02)
5	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.172.52.51 18.172.52.51	16509 (AMAZON-02) (AMAZON-02)
4	2404:6800:400... 2404:6800:4004:80c::2002	15169 (GOOGLE) (GOOGLE)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	124.146.153.162 124.146.153.162	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	99.84.133.14 99.84.133.14	16509 (AMAZON-02) (AMAZON-02)
2 3	142.250.196.98 142.250.196.98	15169 (GOOGLE) (GOOGLE)
1	3.160.119.38 3.160.119.38	16509 (AMAZON-02) (AMAZON-02)
4	119.63.193.220 119.63.193.220	38627 (BAIDUJP B...) (BAIDUJP Baidu)
5	2404:6800:400... 2404:6800:4004:813::2001	15169 (GOOGLE) (GOOGLE)
15	2600:9000:20e... 2600:9000:20e4:5c00:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
15	2404:6800:400... 2404:6800:4004:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:824::200a	15169 (GOOGLE) (GOOGLE)
2 4	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	119.63.198.189 119.63.198.189	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	34.111.12.34 34.111.12.34	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.107.150.21 34.107.150.21	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
13	119.63.198.143 119.63.198.143	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	116.50.36.71 116.50.36.71	18046 (DONGFONG-...) (DONGFONG-TW DongFong Technology Co. Ltd.)
2	52.197.157.219 52.197.157.219	16509 (AMAZON-02) (AMAZON-02)
1	34.95.67.231 34.95.67.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.193.138.211 52.193.138.211	16509 (AMAZON-02) (AMAZON-02)
7	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 2	35.201.76.93 35.201.76.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.227.249.156 35.227.249.156	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2404:6800:400... 2404:6800:4004:812::2002	15169 (GOOGLE) (GOOGLE)
4	18.182.103.101 18.182.103.101	16509 (AMAZON-02) (AMAZON-02)
3	34.102.218.41 34.102.218.41	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	3.113.117.180 3.113.117.180	16509 (AMAZON-02) (AMAZON-02)
10	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	119.63.197.136 119.63.197.136	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
2 4	35.190.36.98 35.190.36.98	15169 (GOOGLE) (GOOGLE)
2 2	172.104.70.67 172.104.70.67	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
3	119.63.198.180 119.63.198.180	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	210.59.219.34 210.59.219.34	3462 (HINET Dat...) (HINET Data Communication Business Group)
2	182.161.74.11 182.161.74.11	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	142.251.222.2 142.251.222.2	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:822::2003	15169 (GOOGLE) (GOOGLE)
2	2406:2600:4::12 2406:2600:4::12	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
9	2404:6800:400... 2404:6800:4004:826::2002	15169 (GOOGLE) (GOOGLE)
2	143.204.86.129 143.204.86.129	16509 (AMAZON-02) (AMAZON-02)
1	13.32.50.110 13.32.50.110	16509 (AMAZON-02) (AMAZON-02)
1	35.208.216.174 35.208.216.174	19527 (GOOGLE-2) (GOOGLE-2)
3	2a03:2880:f06... 2a03:2880:f06f:0:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
28	2a03:2880:f06... 2a03:2880:f06f:1:face:b00c:0:1823	32934 (FACEBOOK) (FACEBOOK)
3	35.213.89.133 35.213.89.133	15169 (GOOGLE) (GOOGLE)
3	34.96.83.10 34.96.83.10	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
306	76

1 35.185.130.121 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com

reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.149.98.30 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 30.98.149.34.bc.googleusercontent.com

storage.reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.55 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:824::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2404:6800:4004:811::2002 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com

storage.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4008:c13::9c (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.23.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.23.117.34.bc.googleusercontent.com

asset.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::6815:6009 (United States)

ASN13335 (CLOUDFLARENET, US)

img.gbyhn.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eec2 (United States)

ASN13335 (CLOUDFLARENET, US)

mma.prnasia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.24 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

creditcards.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.216.47.122 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 61-216-47-122.hinet-ip.hinet.net

img.racingcharger.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.185.136.122 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 122.136.185.35.bc.googleusercontent.com

re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.31.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.31.190.35.bc.googleusercontent.com

www.rayskyinvest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c4:6000:1e:5c56:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.187 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

blog.alphaloan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.49.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-49-117.nrt20.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:81c::2001 (Australia)

ASN15169 (GOOGLE, US)

aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:820::2004 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.136.163.161 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-163-161.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.52.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-52-51.nrt20.r.cloudfront.net

cnt.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:80c::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.153.162 (Miyado, Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.133.14 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-133-14.nrt57.r.cloudfront.net

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.196.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.119.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-119-38.eze50.r.cloudfront.net

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:813::2001 (Australia)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:20e4:5c00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2404:6800:4004:80f::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:824::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2406:2600:4::b (Japan) 2 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

tw.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.12.34 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 34.12.111.34.bc.googleusercontent.com

ad.tagtoo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.150.21 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 21.150.107.34.bc.googleusercontent.com

uec.tagtoo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

log.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)

cm.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.197.157.219 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-157-219.ap-northeast-1.compute.amazonaws.com

cm-dev-poc.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.193.138.211 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-138-211.ap-northeast-1.compute.amazonaws.com

fcm2.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
deb1daf6-d32d-4826-aecc-d52b6f5b2ac1.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.76.93 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.249.156 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 156.249.227.35.bc.googleusercontent.com

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:812::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.182.103.101 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.102.218.41 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 41.218.102.34.bc.googleusercontent.com

ecs.tagtoo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.113.117.180 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-113-117-180.ap-northeast-1.compute.amazonaws.com

in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.197.136 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

inrecsys.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.36.98 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.104.70.67 (Tokyo, Japan) 2 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1680-67.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 119.63.198.180 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

imageaws.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.59.219.34 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-34.hinet-ip.hinet.net

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.222.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:822::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::12 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4004:826::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.86.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-86-129.nrt12.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.50.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-50-110.nrt57.r.cloudfront.net

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.216.174 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 174.216.208.35.bc.googleusercontent.com

rt.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f06f:0:face:b00c:0:3 (Rome, Italy)

ASN32934 (FACEBOOK, US)

scontent-fco2-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a03:2880:f06f:1:face:b00c:0:1823 (Rome, Italy)

ASN32934 (FACEBOOK, US)

video-fco2-1.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.213.89.133 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 133.89.213.35.bc.googleusercontent.com

trace.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.83.10 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 10.83.96.34.bc.googleusercontent.com

event.tagtoo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
85	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 953 scontent-fco2-1.xx.fbcdn.net — Cisco Umbrella Rank: 361778 Failed video-fco2-1.xx.fbcdn.net	3 MB
35	popin.cc api.popin.cc — Cisco Umbrella Rank: 31958 tw.popin.cc — Cisco Umbrella Rank: 96359 log.popin.cc — Cisco Umbrella Rank: 33420 r.popin.cc — Cisco Umbrella Rank: 34110 inrecsys.popin.cc — Cisco Umbrella Rank: 39665 imageaws.popin.cc — Cisco Umbrella Rank: 54406 trace.popin.cc — Cisco Umbrella Rank: 2940	731 KB
26	holmesmind.com 1 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 132288 cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 171925 fcm.holmesmind.com — Cisco Umbrella Rank: 210108 fcm2.holmesmind.com — Cisco Umbrella Rank: 154750 c.holmesmind.com — Cisco Umbrella Rank: 107592 m.holmesmind.com — Cisco Umbrella Rank: 190604 ad.holmesmind.com — Cisco Umbrella Rank: 104322	152 KB
26	googlesyndication.com aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	162 KB
19	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	245 KB
12	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	74 KB
8	tagtoo.co ad.tagtoo.co — Cisco Umbrella Rank: 222202 uec.tagtoo.co — Cisco Umbrella Rank: 477829 ecs.tagtoo.co — Cisco Umbrella Rank: 229932 event.tagtoo.co — Cisco Umbrella Rank: 217532	48 KB
8	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811 bidder.criteo.com — Cisco Umbrella Rank: 776	15 KB
7	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 84860 deb1daf6-d32d-4826-aecc-d52b6f5b2ac1.t.ssp.hinet.net	6 KB
7	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643 us-u.openx.net — Cisco Umbrella Rank: 491 jp-u.openx.net — Cisco Umbrella Rank: 15595	2 KB
6	appier.net 4 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 52931 gocm.c.appier.net — Cisco Umbrella Rank: 2197	1 KB
6	reurl.cc reurl.cc — Cisco Umbrella Rank: 116978 storage.reurl.cc — Cisco Umbrella Rank: 432247	6 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	104 KB
5	google.com 1 redirects analytics.google.com — Cisco Umbrella Rank: 152 www.google.com — Cisco Umbrella Rank: 2	1 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	227 KB
4	treasuredata.com in.treasuredata.com — Cisco Umbrella Rank: 4504	2 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	258 KB
4	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	57 KB
3	trvdp.com cnt.trvdp.com — Cisco Umbrella Rank: 38270 go.trvdp.com — Cisco Umbrella Rank: 34674 s.trvdp.com — Cisco Umbrella Rank: 30609	146 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	re-news.tw storage.re-news.tw asset.re-news.tw re-news.tw	81 KB
2	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 27502	3 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
2	gstatic.com www.gstatic.com fonts.gstatic.com	47 KB
2	ladsp.com 2 redirects cr-p3.ladsp.com — Cisco Umbrella Rank: 25818	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 331	718 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	12 KB
2	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133 prebid-asia.creativecdn.com — Cisco Umbrella Rank: 26644	2 KB
2	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 26283	515 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	58 KB
1	ad-score.com rt.ad-score.com — Cisco Umbrella Rank: 27242	595 B
1	scupio.com prebid.scupio.com — Cisco Umbrella Rank: 92120	168 B
1	lndata.com cm.lndata.com — Cisco Umbrella Rank: 161265	470 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	908 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1450	851 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1352	5 KB
1	alphaloan.co blog.alphaloan.co	181 KB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 5797	248 KB
1	rayskyinvest.com www.rayskyinvest.com	612 KB
1	racingcharger.tw img.racingcharger.tw	121 KB
1	creditcards.com.tw creditcards.com.tw	43 KB
1	prnasia.com mma.prnasia.com — Cisco Umbrella Rank: 534895	73 KB
1	gbyhn.com.tw img.gbyhn.com.tw	528 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	92 KB
1	anymind360.com anymind360.com — Cisco Umbrella Rank: 20760	43 KB
0	tagtoo.com.tw Failed ttd-cm.tagtoo.com.tw Failed
306	47

	Domain	Requested by
54	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
28	video-fco2-1.xx.fbcdn.net	static.xx.fbcdn.net
15	tpc.googlesyndication.com	reurl.cc aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com cdn.ampproject.org securepubads.g.doubleclick.net tpc.googlesyndication.com
15	cdn.holmesmind.com	securepubads.g.doubleclick.net cdn.holmesmind.com ad.holmesmind.com reurl.cc
13	log.popin.cc	reurl.cc
13	securepubads.g.doubleclick.net	1 redirects reurl.cc securepubads.g.doubleclick.net www.googletagservices.com
12	www.facebook.com	reurl.cc static.xx.fbcdn.net connect.facebook.net
10	r.popin.cc	reurl.cc
9	pagead2.googlesyndication.com	reurl.cc www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	t.ssp.hinet.net	cdn.holmesmind.com t.ssp.hinet.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	connect.facebook.net	storage.reurl.cc connect.facebook.net fcm2.holmesmind.com cdn.holmesmind.com
5	storage.reurl.cc	reurl.cc
4	ad2.apx.appier.net	2 redirects reurl.cc
4	in.treasuredata.com	api.popin.cc
4	ad.holmesmind.com	cdn.holmesmind.com reurl.cc
4	gum.criteo.com	2 redirects static.criteo.net
4	api.popin.cc	reurl.cc api.popin.cc
4	www.googletagservices.com	securepubads.g.doubleclick.net aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com
4	static.criteo.net	securepubads.g.doubleclick.net cdn.holmesmind.com reurl.cc
3	event.tagtoo.co	ecs.tagtoo.co
3	trace.popin.cc	api.popin.cc
3	imageaws.popin.cc	reurl.cc
3	ecs.tagtoo.co	ad.tagtoo.co ecs.tagtoo.co
3	cm.g.doubleclick.net	2 redirects google-bidout-d.openx.net
3	www.google.com	1 redirects reurl.cc tpc.googlesyndication.com
3	scontent-fco2-1.xx.fbcdn.net	www.facebook.com
3	www.google-analytics.com	storage.reurl.cc www.google-analytics.com reurl.cc
2	stg.truvidplayer.com	go.trvdp.com s.trvdp.com
2	bidder.criteo.com	static.criteo.net
2	www.googleadservices.com	reurl.cc
2	mug.criteo.com	reurl.cc
2	gocm.c.appier.net	2 redirects
2	c.holmesmind.com	1 redirects cdn.holmesmind.com
2	cm-dev-poc.holmesmind.com	cdn.holmesmind.com
2	cr-p3.ladsp.com	2 redirects
2	jp-u.openx.net	google-bidout-d.openx.net
2	us-u.openx.net	google-bidout-d.openx.net
2	match.adsrvr.org	2 redirects
2	oajs.openx.net	1 redirects reurl.cc
2	aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google.co.jp	reurl.cc
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	analytics.google.com	www.googletagmanager.com
2	cdn.jsdelivr.net	reurl.cc
1	rt.ad-score.com	s.trvdp.com
1	s.trvdp.com	go.trvdp.com
1	deb1daf6-d32d-4826-aecc-d52b6f5b2ac1.t.ssp.hinet.net	cdn.holmesmind.com
1	fonts.gstatic.com	fonts.googleapis.com
1	prebid.scupio.com	cdn.holmesmind.com
1	prebid-asia.creativecdn.com	cdn.holmesmind.com
1	inrecsys.popin.cc	reurl.cc
1	googleads.g.doubleclick.net	reurl.cc
1	m.holmesmind.com	cdn.holmesmind.com
1	fcm2.holmesmind.com	cdn.holmesmind.com
1	fcm.holmesmind.com	cdn.holmesmind.com
1	cm.lndata.com	cdn.holmesmind.com
1	uec.tagtoo.co	api.popin.cc
1	ad.tagtoo.co	api.popin.cc
1	tw.popin.cc	api.popin.cc
1	www.gstatic.com	aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com
1	fonts.googleapis.com	aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com
1	go.trvdp.com	cnt.trvdp.com
1	tg.socdm.com	1 redirects
1	cnt.trvdp.com	securepubads.g.doubleclick.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	blog.alphaloan.co	reurl.cc
1	static.wixstatic.com	reurl.cc
1	www.rayskyinvest.com	reurl.cc
1	re-news.tw	reurl.cc
1	img.racingcharger.tw	reurl.cc
1	creditcards.com.tw	reurl.cc
1	mma.prnasia.com	reurl.cc
1	img.gbyhn.com.tw	reurl.cc
1	asset.re-news.tw	reurl.cc
1	storage.re-news.tw	storage.reurl.cc
1	www.googletagmanager.com	reurl.cc
1	anymind360.com	reurl.cc
1	reurl.cc
0	ttd-cm.tagtoo.com.tw Failed	uec.tagtoo.co
306	85

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
www.comptw.com
stockinfo.tw

Subject Issuer	Validity	Valid
reurl.cc R3	`2023-11-18` - `2024-02-16`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
storage.reurl.cc GTS CA 1D4	`2023-12-10` - `2024-03-09`	3 months	crt.sh
anymind360.com R3	`2023-10-25` - `2024-01-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-26` - `2023-12-25`	3 months	crt.sh
storage.re-news.tw GTS CA 1D4	`2023-12-07` - `2024-03-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
asset.re-news.tw GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
gbyhn.com.tw GTS CA 1P5	`2023-11-20` - `2024-02-18`	3 months	crt.sh
*.prnasia.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-11-24`	a year	crt.sh
tls.automattic.com R3	`2023-12-08` - `2024-03-07`	3 months	crt.sh
img.racingcharger.tw cPanel, Inc. Certification Authority	`2023-10-22` - `2024-01-20`	3 months	crt.sh
re-news.tw R3	`2023-10-29` - `2024-01-27`	3 months	crt.sh
*.rayskyinvest.com R3	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-03` - `2024-01-30`	6 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.trvdp.com Amazon RSA 2048 M01	`2023-07-26` - `2024-08-23`	a year	crt.sh
*.popin.cc Secure Site Pro CA G2	`2023-09-27` - `2024-10-27`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
ad.tagtoo.co GTS CA 1D4	`2023-11-02` - `2024-01-31`	3 months	crt.sh
uec.tagtoo.co GTS CA 1D4	`2023-11-13` - `2024-02-11`	3 months	crt.sh
*.lndata.com GeoTrust RSA CA 2018	`2022-11-23` - `2023-12-24`	a year	crt.sh
*.t.ssp.hinet.net	`2023-04-06` - `2024-04-06`	a year	crt.sh
ecs.tagtoo.co GTS CA 1D4	`2023-12-07` - `2024-03-06`	3 months	crt.sh
*.treasuredata.com Amazon RSA 2048 M01	`2023-07-16` - `2024-08-12`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2023-09-27` - `2024-10-27`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.truvidplayer.com Amazon RSA 2048 M02	`2023-01-22` - `2024-02-20`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
trace.popin.cc GTS CA 1D4	`2023-12-11` - `2024-03-10`	3 months	crt.sh
*.tagtoo.co Go Daddy Secure Certificate Authority - G2	`2023-04-14` - `2024-05-15`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://reurl.cc/gaOWLp
Frame ID: 553A8B53DC5D5152C969908E8A84B1C8
Requests: 51 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: 4758398FD6BE8FA5E7103F1EFBC4FC22
Requests: 33 HTTP requests in this frame

Frame: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 04F1C29B89DB3AB650AA26419B67A79F
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 88AED5CED709A06A417376F122A47041
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvaDPHuxrtu4XIqy62OyFZMMPl-duPjF30psYxgbAirjWfftW-c3G2jV6Wra5A0w0dZtAIX_CqkVU00WE7In1U1mn1ZlHMrqdCeQCWxybXH_PKMGlgpePeh46XMOhtFH6wugftwubplFfQbxDWh-0h-Q17ZQMJoGTIdFfLwnCQmDr5OPBRhDFQtBk-XF-eeGc71-k_uWrqXp8tOzDQtsdhGrWaYcf1_ltNcZlPRS7aiiRhZOW6mcA4b9VwrdHofqiNBQECjasnbIIxxhzUHzgdwi-V35fTrJI74H0n_VG6K1tfLyq9KvxfE2Inl3ZTmSfLtc4C0j1p85qjdw2VkT9ALxDD6XDtuNce63TGlzKrs0v9DJ-eJuL2nb_9bxurKwCbTqvZjsg&sai=AMfl-YSlrXGRKTN3qufiadSgfspcIflyJnYzWOUmVVV6CW7O5F8gIu1P9ZrgWj0OmAIAjStxFA75gZ4xY53HdkW2q22FGXHtlkJzQMA5sBtLnzHY7o9yjGibnVNY7CaMe1WJ-v2BHIurkMBaEMcJZJttrTM7&sig=Cg0ArKJSzFOW_prSj4HcEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 3345A3C1CDB272AF474BA8CE222605F7
Requests: 6 HTTP requests in this frame

Frame: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 731F30007CBDE5343C6EA318CE6E6B81
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaj1XU1fEVp1BxV6Z4Yt3o7ReI184dfy2MV1--q567Y3mx2p3mcKi_uQiUy1Y-Bteq5bBuYdPR52cktQbBQqF7Ii1ldOb_RIdlDMSEO4G1mU2O23ojmu9yWc9yRXQh4dzQZm29_BpmF049nbutHiX7PpUM_KMsuFNfagenttcr3rp3eyr6kUWqcF2RkiCJWYmhiW1II1rCBuSptwXXc1dFyvVOfH-GYN1ioQs1MwdnfMOIlot6-O5YeD9dnwVTsyj-Fk-elAAKq34a5lvryR4W9ne9fbr-ZzNFG4Zmt4g-6FmyfcXn1xbADmYAa7DNbHNDdy6uoKq0HGMw7R6H9l_t5cPF5z8PK-i0kN_gduQnMoGbvrHUZCRcBCUdao4165VYxjnsX5c&sai=AMfl-YR_O-5IYEhrEWqqRlBlblFGTcu0QKB8PbzNfhbf-EeaYzIGQNQspyDtHsPSbA7E45keV96TnaaQ7UI6_GJ2Ym70t1HeAxS9lT5HcLv91xRhcHdrTEv4QWymRidnfyrBDC7gE9q1PnemzGg4jYSUN2U&sig=Cg0ArKJSzL0cUa673AU6EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 26197480E8101FD63ED408C0A8B8EF13
Requests: 51 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 07441A0088CCC53048683008A88FFE3A
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8qHlCS1Aa078RG060XgwsW0QM9C2bXP7FF7FXJW5oXr493wApBd2bJ-y5Tu_nY0MvoXJMpf1wUntrnkiOnu-QY7OCQSr9ryHCQMWDUhupgqmYOJau_i2BCbtEgvqMIti0h81YW7_xyScxATOXYNCEN3zhecLmgMMJfgmw29BbCk2RlZKcPllaPoy4r2EVUlyTHXLMNIpo67OhQVYkEtdGLkYT4WGv_K4OSlFLFs0ZpnQbrRBzRICkBQzufcO4_7KD2VWNDA8oBx_UYrTQlgAE75e1_MIm3aGAjWIReG-7-hlwSpQeFX6FbdsjH_NnjYT87e5bni5pB0klFkypdYFCAeT1f7Sa0IOBSmlnzKzP6JoSkV3XPA9NFIVJAfO6x_7wIsUs0aTTLj0&sai=AMfl-YTo9vtBDjbf2iPnBGqy3f2aZ5XjZp0q19JMENUJ3JGIIuuMCeMBHb2rth0bD7mMKf11sqw0hwFaAzdzqEBsfh4tCpGwVIdmaR_-Q90ZtFTI_W_SYrHPuN_RZcXlLscDZAFAojyWpu15DxxwPuDdCgY&sig=Cg0ArKJSzNOHkfKcEeQIEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 88F079711293C19502F010756345B535
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Frame ID: E73CE17B7B3B285AE0DF596E913E8E5A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 3327234FD1A2CF1437BF3F187827C42E
Requests: 11 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 90072799AF4FEC02AA62FBC11DB53A74
Requests: 26 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 8E1F988222881A2CFC0552632163F49A
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 1700BBAC8673159B826FDB7871E9E684
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/image/23269/c6fefdd77d017860676055a778536143.jpg
Frame ID: E041B22947009AF80CAC71B3718CF846
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: ABC2AF6049333ED55841BF1950BFDFDE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df799ebc75c7c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff166f6906b0ab0c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1516335185853834&locale=en_US&sdk=joey&show_text=false&width=280
Frame ID: CFBC595131932E64826ED218DEE317E1
Requests: 69 HTTP requests in this frame

Frame: https://stg.truvidplayer.com/v5.832/prtct.php?val=f&geo=JP&timestamp=1702877558&level=0
Frame ID: 58698495AA3471AB1716ADC93C56EDB2
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 6A3A40F61D4CD47CA9894A788C79B816
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 31D6C47286EE0965FF50078A24FA5C02
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F3460AD4E2989E8070A0C5217D8B2C8A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

縮短網址產生器 - reurl

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

306
Requests

93 %
HTTPS

34 %
IPv6

47
Domains

85
Subdomains

76
IPs

7
Countries

7061 kB
Transfer

17931 kB
Size

47
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://re-news.tw/
Title: 離開此頁

Search URL Search Domain Scan URL

URL: https://re-news.tw/renews/162

Search URL Search Domain Scan URL

URL: https://re-news.tw/gbyhn/53390

Search URL Search Domain Scan URL

URL: https://re-news.tw/prnasia/4293775_XG93775_2

Search URL Search Domain Scan URL

URL: https://re-news.tw/creditcard/302515

Search URL Search Domain Scan URL

URL: https://re-news.tw/racingcharger/45493

Search URL Search Domain Scan URL

URL: https://re-news.tw/golike/21972

Search URL Search Domain Scan URL

URL: https://re-news.tw/rayskyinvest/111057

Search URL Search Domain Scan URL

URL: https://re-news.tw/zocha/6529021929c8b98fa9eb5390

Search URL Search Domain Scan URL

URL: https://re-news.tw/alphaloan/20451

Search URL Search Domain Scan URL

URL: https://youtils.cc/emoji
Title: 表情符號(emoji)

Search URL Search Domain Scan URL

URL: https://youtils.cc/geoip
Title: IP查詢

Search URL Search Domain Scan URL

URL: https://youtils.cc/big5gb
Title: 繁簡轉換

Search URL Search Domain Scan URL

URL: https://youtils.cc/qrcode
Title: QRCode

Search URL Search Domain Scan URL

URL: https://youtils.cc/length
Title: 身高/長度換算

Search URL Search Domain Scan URL

URL: https://www.comptw.com/
Title: 台灣公司查詢網

Search URL Search Domain Scan URL

URL: https://stockinfo.tw/
Title: 台股資訊網

Search URL Search Domain Scan URL

URL: https://youtils.cc/wordcounter/zh-Hants
Title: 字數統計

Search URL Search Domain Scan URL

URL: https://youtils.cc/dateCalculator
Title: 日期計算機

Search URL Search Domain Scan URL

URL: https://youtils.cc/lunarCalendar
Title: 農曆轉國曆

Search URL Search Domain Scan URL

URL: https://youtils.cc/utm
Title: UTM網址

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 70

https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1

Request Chain 80

https://match.adsrvr.org/track/cmf/openx?oxid=8e45be66-6367-7609-d6e3-97a271d7d9d6&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=8e45be66-6367-7609-d6e3-97a271d7d9d6&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=35479725-ccea-4f91-9ed3-a6e077a71f44&ttd_puid=8e45be66-6367-7609-d6e3-97a271d7d9d6&gdpr=0&gdpr_consent=

Request Chain 81

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZX-ZdMCo8YEAAI3Y5lkAAAAA

Request Chain 82

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYI4gYRXq23Gks8AED41uJwSFc8AAAGMe2ltWA

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBBNnnf5xC1EcAcRYOGUrl0&google_cver=1

Request Chain 130

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEPCaMdZVHm9qhZa9YnVXc5c&google_cver=1

Request Chain 133

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 169

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=skkpYvPRBsKx2grVdNl_ZQ

Request Chain 170

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=skkpYvPRBsKx2grVdNl_ZQ

Request Chain 183

https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=lDw1HXx0QnBlOFdaNldMNmpXMXI2Z0dGK0Y5K2E0ajEyVE4xQ0IvVWxkaWtVbjc3aUFzR0xJYTdLb3BvaloyTmJCcVVKN0ZOZVdjVlNjcHJUeDdIT1ErbllZQjJTSGhNUDZIeW1xaDRWNm5pSURjZ3p5dW1rNXNIZW42ZVN6cmYrZENyV25sWXE5NTFERGF2YVpFYzBZQngwVUhjeFp4Y2QyQUo4WURuMXNiRUJoUHBUdzMvZ1M0b0YxbUlGOVhDQnRBVzBRTFJPcnBXTHBONVpXeFVUTzcrZUN0M2F6YXNlVlVRMkhPQ1VQb1dzN0JFaXlKSmdqS0tIVUNOcHdzdGFuaDZJNzdqNC9BOFRmbUo4ZXNNUFVUT2RvZz09fA&cppv=2

Request Chain 185

https://securepubads.g.doubleclick.net/pagead/adview?ai=CGzGrc9l_ZcygJrSDid4PgMuu2Ayg5rzPdL3-1sqAEmQQASDSzIEaYInzxYT0E6AB6OzP-ynIAQmpAvjXiXbeNj4-4AIAqAMByAPLBKoErwJP0DXMiD2SATE94yePfHHc2OAsLejMvdGo51u-vQgzTzEQqttMyUvLzMRJdyDQv0AeWClQWNK5WPPot3ISR7wdHqzWFSS5Mzi9_BW78M8GfBYMIha3NON5oBXM46MOhPdd6_d0BcjbVV5ZdBab6HFu60UeVk5MGtItkpP7diwUBDWproAkFHFTEBpGoy-8-JY7KBYXS_MQwFgsQuSMvo15Xcyj7pYiUQj3HjZyQfyETiOR8fz1WYuUIlxzfjuo22W6Q4EWnRrjaty5RYmmRkNg62niM-Wlglq-72eOe9JxXFQ0UGfAll3SubgObxVAWspIdR7xqBizQeB0rGA8GRzOtqor5xgCRjV_7HB1Q3NBrf96HSWEZz5R_rGfuvVwLGgL7jh7RLHig4e0I7obi3fABO3Nx7HFBOAEAYgFoZHiiUySBQQIBBgBkgUECAUYBKAGLoAH6KSg2wSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCKiAjSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WPa5sJ6hmIMDmglxaHR0cHM6Ly9zc3cud2ViLmRvY29tby5uZS5qcC9rYXpva3VjcC9pbmRleC5odG1sP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y29udGVudCZ1dG1fY2FtcGFpZ249Y3AyMDIzMTFrYXpva3WACgPICwGYDNu5usHEBKIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQLaDBAKChCgovX68rzSlDcSAgED4g0TCMrysJ6hmIMDFbRBwgUdgKULy7gTgwTYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=pd1GNo65tss&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_ScRk7xSjHIfA_afKyW4LqrQ-e3_ahlHxyS3dP9yQJuqn2bOhNeWyqGayZg4B7lbEVUriXgM0nkWwj9zSycPBcNfK8zZCi2UxfxgB&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2b14da62c48346fe0000000000000000%22,%222%22:%220x7eb123cd99b1a8fd0000000000000000%22,%223%22:%220xcf40649c46143c090000000000000000%22,%224%22:%220xb40c637095a998160000000000000000%22,%225%22:%220x8529ec895af925160000000000000000%22},%22debug_key%22:%224434555828204882017%22,%22debug_reporting%22:true,%22destination%22:%22https://docomo.ne.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211265111656%22],%2222%22:[%22true%22],%224%22:[%2212-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217176652732329614609%22}&andc=true

Request Chain 299

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=pwL4Vl9kJTJGaHNZS3JsQzNqQm8xNFg0TlROa2xJMXFmNjY4eElodnMlMkZlelkyWnlWZXRxM0ltVk1lcnhSTGx5MmtKd1dxJTJCZkQ4VVJGb09iSHBuWEJ6Y3hHMGlPbTM2QkdJRXhnayUyQlA1QkNEV0l4d2dLR0lvJTJCcXhET0UxWDBtcWslMkJZQ2thNHBpQ2NJTDJXQms3dlNWa1BBbWtPSFElM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=EgY4TXxvT3gyaHgzYytZWHhjcTNHSkgzUVhFZzkyT0MwZmt6VCtPMGF0NHR0N2VmQVZES2UzSWFUZFBpNDhsRHp4TGNMNWdHUUFTN0U4UHcyZ3JQbE1iRldBYXpjalpvejByS0txR09BQWQxYzhVa21VdHJsaEJEUVltMzdpZmoxUENCUUYxZDloR1J2dVBiWTErQy81YXlQWWJmbU5LSHNaQUIxVDZiMGVUdTd1K2UvUFd1V25vTlRwelZGUnI3WUJZejB5Q3RxMnpNMExBODlhdDcwSU4zNmUxY0xHOEF5T2ljTUk5QWl1T0g1N3BUUDJUclhqRzZ0ZWFHY2VjeGhYTVRXaU1QQjVXQVZ6bEhuUklEN1p2SGRSTk94UUtXQWUwTzVnMjBYL2Z6aytBZz18&cppv=2

306 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request gaOWLp Show response
reurl.cc/ 9 KB
3 KB 214ms
47ms Document
text/html 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d9da3eacecebe20c6c7e8d62b7a2fb3b2993d79f565fe819ce92fe8444ddf9e1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: ja-JP

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 18 Dec 2023 05:32:35 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx/1.18.0 (Ubuntu)
target: https://cla2.cn/SpY
vary: Accept-Encoding Origin
x-request-id: dcb4bda1-09e2-4892-8b2e-0157bdd875a2

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 152 KB
25 KB 15ms
2ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 18 Dec 2023 05:32:35 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4663920
x-jsd-version: 4.3.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25648
x-served-by: cache-fra-eddf8230028-FRA, cache-nrt-rjtf7700021-NRT
x-jsd-version-type: version
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style.css
storage.reurl.cc/stylesheets/rwd/ 2 KB
1 KB 84ms
3ms Stylesheet
text/css 34.149.98.30
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/stylesheets/rwd/style.css?v=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 22:52:40 GMT
content-encoding: gzip
via: 1.1 google
age: 23995
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 904
x-request-id: 6353f494-dcfb-4b25-bff8-e11a4887644c
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 ats.js Show response
anymind360.com/js/9479/ 181 KB
43 KB 10ms
2ms Script
application/javascript 151.101.1.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/9479/ats.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.55 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f6c1aa49a5666d3e6e3998ef14751062a401fb45323d3a80d7bb0afecf0b0872

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 17 Dec 2023 09:28:31 GMT
date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 72244
x-guploader-uploadid: ABPtcPppq53j-B-8yIjPazeWzonkfgW7YP0BzjYylOkZCbocPODSDrBdJG18B7ZRO0LhYEtarJw
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 43095
x-served-by: cache-tyo11954-TYO, cache-nrt-rjtf7700022-NRT
last-modified: Wed, 13 Dec 2023 09:45:54 GMT
server: UploadServer
x-timer: S1702877555.128692,VS0,VE0
etag: "e72b07c558bc8728eefd5f440f0b9622"
vary: Accept-Encoding
x-goog-generation: 1702460754270910
x-goog-hash: crc32c=8F8jdg==, md5=5ysHxVi8hyju/V9EDwuWIg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=1200
x-goog-stored-content-length: 43095
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-cache-hits: 27, 36

GET
H2 200 pixel.js Show response
storage.reurl.cc/javascripts/ 429 B
530 B 3ms
3ms Script
text/javascript 34.149.98.30
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/pixel.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:01:08 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 19887
vary: Origin
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 429
x-request-id: 584c2037-7826-4ace-98a2-83ba16ae866a

GET
H2 200 ga2.js Show response
storage.reurl.cc/javascripts/ 536 B
630 B 3ms
3ms Script
text/javascript 34.149.98.30
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/ga2.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 03:45:23 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 6432
vary: Origin
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 536
x-request-id: 72bc79b2-eb09-4045-952e-80fc94563334

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
92 KB 83ms
42ms Script
application/javascript 2404:6800:4004:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37780735fdee3a818e05f9ca0d1aa2f435cecfee120db7065ce489efc2673e2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93963
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 18 Dec 2023 05:32:35 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 144ms
98ms Script
text/javascript 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eae4627038267dcd72386b5ec02a8ec6a780fa3ed9e9b4b5320145773f64ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29460
x-xss-protection: 0
server: cafe
etag: 315 / 19709 / m202312060101 / config-hash: 17400476758908410755
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 05:32:35 GMT

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 84 KB
33 KB 14ms
2ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 18 Dec 2023 05:32:35 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4670948
x-jsd-version: 2.5.16
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33184
x-served-by: cache-fra-eddf8230020-FRA, cache-nrt-rjtf7700021-NRT
x-jsd-version-type: version
etag: W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 renews.js Show response
storage.reurl.cc/javascripts/ 412 B
405 B 84ms
3ms Script
text/javascript 34.149.98.30
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/renews.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 00:14:41 GMT
content-encoding: gzip
via: 1.1 google
age: 19074
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 286
x-request-id: 74cc5e64-b009-429c-a572-de62c5f2f24b
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 loading.js Show response
storage.reurl.cc/javascripts/ 134 B
231 B 85ms
4ms Script
text/javascript 34.149.98.30
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/loading.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 01:10:41 GMT
content-encoding: gzip
via: 1.1 google
age: 15714
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134
x-request-id: d1f68e45-4f38-442b-b29c-86a648f8d23b
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 4758 95 KB
26 KB 161ms
155ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d24d9634bcd72da32ce4b3650b61844a3ee6ff78a7f5d2885a14c4e3319858d3

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 05:32:35 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), xr-spatial-tracking=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 7r3SXW7U8SxYTutyQHnHxuvIBZzRMH9+JJUC8a5Yk0WeJYz1R1WjF2375aGZMKXk/fR6C5aYdIif1cQj4rtrLg==
x-xss-protection: 0

GET
H2 200 feeds Show response
storage.re-news.tw/ 7 KB
7 KB 125ms
45ms XHR
text/html 35.244.196.223
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.re-news.tw/feeds
Requested by: Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.196.244.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 1f03351dce6d90ef1d3d3a9a804171bd18f8e12df5715183143832f68f10415e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:35 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"1a94-oYmSZwSS+EQZTZUWg4tkstW0UbQ"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6804

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 9ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 18 Dec 2023 05:32:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: TjqXcYsLjyqnJkpa6WHJMpOGcm9NeXrj9sPUA6sPess+X6hX62jR7aKmTQSrUv25BCUvUpdSejgI79Mxpi2LNg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 85ms
4ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 18 Dec 2023 04:51:39 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 2456
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 18 Dec 2023 06:51:39 GMT

GET
H2 200 1675200226052423 Show response
connect.facebook.net/signals/config/ 126 KB
33 KB 3ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1675200226052423?v=2.9.138&r=stable&domain=reurl.cc

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a20765e5d4a6ad2eb6b870d966a04fd6ac94765e2b6b7b93fe9af13b3e975cda

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 18 Dec 2023 05:32:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 33944
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: H/BHcD3RLMVMkifoopS6mW9nBBBYaFkSjGxfF01+TIRfu8gOR68fOKrv4uMlD0ETrrC2vFzoDEwe7AmFvKkyNw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 2ms
2ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1702877555292&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1702877555290.769777157&cs_est=true&pm=1&hrl=7a1c4f&ler=empty&it=1702877555274&coo=false&cs_cc=1&rqm=GET

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 18 Dec 2023 05:32:35 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
142 B 37ms
36ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2126286959&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=378546335&gjid=831455411&cid=1704609682.1702877555&tid=UA-102456694-1&_gid=589796479.1702877555&_r=1&_slc=1&z=1116200793

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 2ms
2ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=2126286959&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MzEuMjA0LjE0NS4xNjk&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1704609682.1702877555&tid=UA-102456694-1&_gid=589796479.1702877555&z=1763259777

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 23:50:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 20527
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
249 B 89ms
37ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702877555213&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1704609682.1702877555&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702877555&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=page_view&_fv=1&_ss=1&_ee=1&tfd=483
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 154ms
48ms Ping
text/plain 2404:6800:4008:c13::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=1704609682.1702877555&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c13::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
408 B 94ms
42ms Image
image/gif 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N394QBRGC0&cid=1704609682.1702877555&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1&z=1363790683

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hixai_01.png
asset.re-news.tw/images/ 50 KB
50 KB 93ms
3ms Image
image/png 34.117.23.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asset.re-news.tw/images/hixai_01.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.23.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.23.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 05cab1d78cce8922cfc4b520eece4d1683d78f824894060dba4174c152f44d89

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 04:42:03 GMT
via: 1.1 google
age: 3032
x-guploader-uploadid: ABPtcPoOkezS2_DunFvByG3XzQIJDp-eQODmVB4BkLLkgtXb0AT1uIIcuKx-rEd-g_VzwspGJyiDrVUnITmktTL1I1OkYQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50782
last-modified: Wed, 13 Dec 2023 00:18:11 GMT
server: UploadServer
etag: "4bc4e9cf9ad6014d41500be13cd9346a"
x-goog-generation: 1702426691735325
x-goog-hash: crc32c=YULtsQ==, md5=S8Tpz5rWAU1BUAvhPNk0ag==
content-type: image/png
cache-control: public,max-age=3600
x-goog-stored-content-length: 50782
accept-ranges: bytes

GET
H2 200 1702874995-812749e1a307f38fd0a88b54bea55ff2-840x525.png
img.gbyhn.com.tw/2023/12/ 527 KB
528 KB 47ms
22ms Image
image/png 2606:4700:3034::6815:6009
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gbyhn.com.tw/2023/12/1702874995-812749e1a307f38fd0a88b54bea55ff2-840x525.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:6009 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8b1888e480bff938d05607c064b5bb0fc3832671bffba92ba0efaba03138553

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1830
alt-svc: h3=":443"; ma=86400
content-length: 539851
last-modified: Mon, 18 Dec 2023 04:49:56 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9BmvyQy2RHJQ7K6v2a9%2F2BSeLki0vwUiswszHT%2B1Lzt0U1fBCw79FIxGQ0jhyJT6ft2UV2OCeVtjOURB4mKuinHzKjU%2F5HWanjL7AGNHLR3RPLqNIqVhVVAYoJFNm8%2BgXlTIai8fzQsTrKhEcJw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 837506b15a566830-NRT
expires: Mon, 25 Dec 2023 04:51:02 GMT

GET
H2 200 1.jpg
mma.prnasia.com/media2/2300780/ 72 KB
73 KB 48ms
30ms Image
image/jpeg 2606:4700::6811:eec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mma.prnasia.com/media2/2300780/1.jpg?p=medium600
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:eec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ea6402bc80748ff4b15d2e9ebf10487c3189ef6b0562c8d2f0873ddefe96ff15

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:35 GMT
cf-cache-status: HIT
age: 18571
x-powered-by: ASP.NET
server-timing: intid;desc=b5d769c03982008b
content-length: 73803
cf-bgj: h2pri
last-modified: Mon, 18 Dec 2023 00:20:25 GMT
server: cloudflare
vary: *, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 837506b14d9f688b-NRT
access-control-allow-headers: Content-Type
expires: Mon, 18 Dec 2023 00:20:26 GMT

GET
H2 200 %E4%B8%AD%E4%BF%A1-foodpanda-%E8%81%AF%E5%90%8D%E5%8D%A1%EF%BC%8C%E6%9C%80%E9%AB%98-10-%E5%9B%9E%E9%A5%8B-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2023/12/ 43 KB
43 KB 220ms
131ms Image
image/webp 192.0.78.24
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creditcards.com.tw/wp-content/uploads/2023/12/%E4%B8%AD%E4%BF%A1-foodpanda-%E8%81%AF%E5%90%8D%E5%8D%A1%EF%BC%8C%E6%9C%80%E9%AB%98-10-%E5%9B%9E%E9%A5%8B-1080x630.jpg?crop=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

600c612f4248fc7e273b43e22c1d0bec2cc7ac798548e3e4c569f463f2dc919e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-ac: 3.nrt _atomic_bur BYPASS
content-length: 43654
x-nc: HIT bur 5
last-modified: Sun, 17 Dec 2023 16:44:01 GMT
server: nginx
etag: "8650b40f3e4675cd"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
expires: Wed, 17 Dec 2025 04:44:01 GMT

GET
H2 200 2023121511050511.jpg
img.racingcharger.tw/wp-content/uploads/ 121 KB
121 KB 355ms
150ms Image
image/jpeg 61.216.47.122
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.racingcharger.tw/wp-content/uploads/2023121511050511.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.216.47.122 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-216-47-122.hinet-ip.hinet.net
Software: Apache /
Resource Hash: c3521ababf7c02017061357a6935c48edd271c70586b05a556e3de6eb378f383

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:35 GMT
last-modified: Fri, 15 Dec 2023 11:05:13 GMT
server: Apache
accept-ranges: bytes
content-length: 124092
content-type: image/jpeg

GET
H2 200 renews-title1.png
re-news.tw/images/ 24 KB
24 KB 255ms
45ms Image
image/png 35.185.136.122
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://re-news.tw/images/renews-title1.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.136.122 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 122.136.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:35 GMT
last-modified: Sun, 28 Nov 2021 04:19:19 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "61a30347-5fad"
content-length: 24493
content-type: image/png

GET
H2 200 %E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8...
www.rayskyinvest.com/wp-content/uploads/ 612 KB
612 KB 108ms
4ms Image
image/png 35.190.31.54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rayskyinvest.com/wp-content/uploads/%E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8C%E7%94%A8%E4%BF%A1%E7%94%A8%E5%8D%A1%E8%B2%B7%E4%B8%8B%E4%BA%BA%E7%94%9F%E7%AC%AC%E4%B8%80%E9%A1%86%E6%AF%94%E7%89%B9%E5%B9%A3-3-1140x570.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.190.31.54 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 54.31.190.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Mon, 18 Dec 2023 05:32:35 GMT
expires: Tue, 17 Dec 2024 04:54:03 GMT
last-modified: Sat, 02 Dec 2023 07:13:09 GMT
server: nginx
etag: "656ad905-98e3b"
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 626235
x-cdn-c: all
x-sg-cdn: 1

GET
H2 200 file.png
static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 248 KB
248 KB 48ms
25ms Image
image/png 2600:9000:20c4:6000:1e:5c56:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c4:6000:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: 0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-seen-by: image-manipulator-7c76496fbd-bz6ff
date: Fri, 13 Oct 2023 11:18:20 GMT
via: 1.1 google, 1.1 602bcedf7ef82f0366a2d068f104d1b6.cloudfront.net (CloudFront)
server: openresty/1.21.4.1
x-amz-cf-pop: NRT57-C2
age: 5681655
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: pJTXOP9xaJCTI_zZpdvySjkVQs-G4R6zfdUt8VVbTUIUfhjKdjJuOg==
content-length: 253615
wix-tracer: 2WhrxaKwv8p2lJNwgKmnBT7r70v

GET
H2 200 %E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 180 KB
181 KB 348ms
272ms Image
image/jpeg 192.0.78.187
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:35 GMT
strict-transport-security: max-age=31536000
x-ac: 3.nrt _atomic_bur BYPASS
last-modified: Thu, 27 Apr 2023 05:06:22 GMT
server: nginx
etag: "644a02ce-2d1f7"
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 184823
expires: Mon, 25 Dec 2023 05:32:35 GMT

GET
H2 200 GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/ Frame 4758 20 KB
6 KB 16ms
7ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eb0110be59431fd3c8942faca7ee241aef70ddc66cc3316b645cc8ae6ca2b70a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QZ/F21WCMvVioyUwMJMxZA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5281
reporting-endpoints
x-fb-debug: UJQvuqHkFiDRd+6aajjknZPDzd8+jtxhyg+Khdw7oyNtd6GJJMptlSEPVBQ4/dx3X1xMkulkoBeyFlJCpOZbXA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 17:50:30 GMT

GET
H2 200 V-GL57iHfEB.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/ Frame 4758 33 KB
7 KB 15ms
6ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e68718c41ef1c23f1640623633d26706d9cc4cf198c72be002c8594f9f9efcac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mEms5HNO4RW/YAm2lY0J/Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6478
reporting-endpoints
x-fb-debug: 2FKOcdFgDuplfAzBKrSPAMlkPEdd5SjrCXl6DpmH/JlmoF8nPNHoIyzH9u1yNr56lus6tEeqaFWPDLtlmhm36Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 12 Dec 2024 23:18:02 GMT

GET
H2 200 L9vxdWjqRLv.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,ja_JP/ Frame 4758 21 KB
5 KB 16ms
7ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,ja_JP/L9vxdWjqRLv.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

94d523edd701a50db76faf479f4e32f007cbd97ade5339313f1e5a1ef5b35a85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: YxGy9ULmNYpse9KBe8qMZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4833
reporting-endpoints
x-fb-debug: oP30b8Fex/12Yh8uGy4DlJzZZCBmscKw2agTXqTFQeBZl6g8f16M367GbA5+TnYOK6DAhLLIWDWnX29dhCjLGA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:30:54 GMT

GET
H2 200 V1vOOFer-BX.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame 4758 355 KB
92 KB 23ms
15ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

057c2344e0b50b00e1c724d669039ec2dcecc2bef96306e592d6796e79a427e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: He/ZPngiBUSATczmfQDoQw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93947
reporting-endpoints
x-fb-debug: 29PqocqqqQC0gP2WaTgXm8NyNuh9zMcFIdHRAvJgaMYp/U8AgSSIrID8uxWrHL+GHg11RESp9sPFJVn64LqqIQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 15 Dec 2024 19:36:39 GMT

GET
H2 200 7r7tZCAH9GJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame 4758 92 KB
27 KB 23ms
15ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/7r7tZCAH9GJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a2a214081e1f3ea56cc068ad53949224dc0bf812231321efbad123cd56e60a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Nuy0ctrIX0iDEcbl2G69vQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 26954
reporting-endpoints
x-fb-debug: DXgRxfQTtMvlGARJgOrQkQXbCasC3GAygCLKuYXrIZ91AS39xgoYNcba8NhMv+p9UC8K8huM2aJA7gYD1bGVpA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 15 Dec 2024 03:14:32 GMT

GET
H2 200 iipoaaPMQWA.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame 4758 10 KB
4 KB 22ms
14ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/iipoaaPMQWA.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f8de7cee98aac8df37124af2410ddfc2666f8a7726c23fc9133e5dbc39e9110

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1YRElIl3L+XHpe+ivxTrHg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3432
reporting-endpoints
x-fb-debug: rOLQh85XfAn+m4PtSmA2YPs2obpw8Lkyu9ErfixorZFKfza5E4ZZw82hqsm4pdcMS4jXP9V678MkWxJinfzdng==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 16 Dec 2024 16:00:37 GMT

GET
H2 200 8bldmsbpAhD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y1/r/ Frame 4758 52 KB
17 KB 17ms
9ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/8bldmsbpAhD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bee7ba056f5c932c33bc388aa4e7f9275e1b07d11cd6aae039dd274d2c99594

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4LY6iPvdsoz2sXdsRhqtTw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16955
reporting-endpoints
x-fb-debug: LAa2r9XSJVHmcF7Is6kHx7DdAq9p28Amrqe8VFjsJY0Tx8cbRqOAqWpF/t2swH6XQaKEHFwqiiZPb81OmC2s+g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 11 Dec 2024 21:53:11 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 4758 507 B
517 B 16ms
8ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: xfgMgiKBNsgcrx1lhN/KAu5TXMhdGyZN+axJ/V6pOqhxELvn5BK6ldlta88fpUHI22PCxZ55HcaQrQzpPfRI7w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 18:53:20 GMT

GET
H2 200 JMOqY9JKrro.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLxq4/yi/l/ja_JP/ Frame 4758 28 KB
8 KB 16ms
8ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLxq4/yi/l/ja_JP/JMOqY9JKrro.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f170477597d1e3c8d780789ece124ec1f6df29aa5efe45102401af3b660030f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mjvZ5joGpic7fey1cr75Fw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7933
reporting-endpoints
x-fb-debug: smONVhMBQ2e+9UJ+F1oLiixKkEErYy4PJKPY1xiq65pRmP0LREEhfVL/ogs346PJtH0z5DHqGhk1lvRmiA9ohA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 15 Dec 2024 17:26:23 GMT

GET
H2 200 KudK-WKp3ZH.js Show response
static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/ Frame 4758 71 KB
20 KB 21ms
13ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4372a9b8ce26d68f5c9a53975683bc05d3df25cf5a2e0177569f58258b6be160

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: phAMyoOpvbhoet00DvMWkg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20298
reporting-endpoints
x-fb-debug: zQnl1qRETtKYNccCJliwClHhcTyw13j4rWamYLsyrIgq/C70aeorXkCrv32/jWzKZSjZz9bhTc825ekBnojeWA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 18:24:16 GMT

GET
H2 200 O4pjji3O2Hz.js Show response
static.xx.fbcdn.net/rsrc.php/v3iUOk4/yL/l/ja_JP/ Frame 4758 348 KB
82 KB 16ms
9ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iUOk4/yL/l/ja_JP/O4pjji3O2Hz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c080f221f569b8a4b7208f300af13ae9fd982454b06a9e4e2e66c79b81a53cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mimP34/guAYZEI+K5MVdWw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 83427
reporting-endpoints
x-fb-debug: nP3ZePEeJZQm9BU3aK7gwos27JVQoMe2BDTRB/cW1R6YuLJxo5irxHlFdDDy2upbPxqU79ynAUhIW0kwvdaHlw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 15 Dec 2024 17:26:23 GMT

GET
H2 200 TioQWlTZ3BG.js Show response
static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/ Frame 4758 397 KB
94 KB 22ms
15ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/TioQWlTZ3BG.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2415a5fbb844b1c2fdf48ce0bb9dfa2694a153695ca753dc5f84170b334041b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: aC8cw5hP/LLy3Ed3OJp1xQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 95634
reporting-endpoints
x-fb-debug: oLbxlQI3oDtVbvrJsptWyFdLFCxfF0/G087Hi5bym6g7yu9m4yZ03IV9hzDs3Ajl0FEGTOZTB2uYF/F0RSoXfg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:24:12 GMT

GET
H2 200 8DaIz0hDZK1.js Show response
static.xx.fbcdn.net/rsrc.php/v3iB1C4/yd/l/ja_JP/ Frame 4758 41 KB
12 KB 20ms
14ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iB1C4/yd/l/ja_JP/8DaIz0hDZK1.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

372e3a6ccf4db838ce71fc2958e7243c2fc00f939e6727d32810581cf5fee54a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Pq1O5lvZ8STAHgT1H08+gQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12501
reporting-endpoints
x-fb-debug: jhgRqBINVjOBncnjxpfNCpiq9/A/KyK4IEvwHSBkcfHOV7hK45bAYokZL9hE7fALs0h4C2W6TFkmP4kI0DEO5A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 16 Dec 2024 16:00:48 GMT

GET
H2 200 uJcry4Jjx7c.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 4758 208 KB
60 KB 16ms
9ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/uJcry4Jjx7c.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6c32f431eb95abb07ba006254d697d9ac347ad016ae53d764bc6c30f74312339

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6NU2u2NaljUSgCnnqgTgQw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 60780
reporting-endpoints
x-fb-debug: yx/RGJfFyr/spJmmvOSojymbwcIeoWou0EM0BVWsUxjN26rDiGkFEWvmbiP+tLFkY4Z7fV11EKfi1VsGdkMTzQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 15 Dec 2024 17:26:23 GMT

GET
H2 200 AtSyd-CXLO4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y1/r/ Frame 4758 28 KB
7 KB 21ms
15ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/AtSyd-CXLO4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2736987e98de6fc58654107cbf827e6dee07c75ca0814b7638ce694b30ec26d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: PQ5ohEVAHKXliVjJOEp6Og==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7381
reporting-endpoints
x-fb-debug: sasdSTjohNyjBPHl4glf1tAkInpMzOTtVxLGQOSTJSssD+49X+pfvEph4sGvZZ0RcukZaFrzBwzOZqL7NApOBA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 15 Dec 2024 03:15:57 GMT

GET
H2 200 -U6CwrkFkLw.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame 4758 19 KB
7 KB 21ms
14ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/-U6CwrkFkLw.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6eafd5ec6725e90f6b921677cd3a321fb46813d8252eef1a9858c453a648b0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5wlfDrXyDMlD8JmH+DbWqQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6829
reporting-endpoints
x-fb-debug: EblvZk3cztYR1/3ntU3D4kgcsVWfrtACJqxKkLhDrFx3LfPf/YnW38yAXf6Ep+EJRVmV37FVpci0VoUGo92h+g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 11 Dec 2024 16:39:22 GMT

GET
H2 200 HzxD9aAXSyD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 4758 55 KB
15 KB 20ms
14ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oRcNmPqvdkv3ysBSBC5rSQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15157
reporting-endpoints
x-fb-debug: E7HEf7GE1ouopcherERCdwAkmePXk9XADW+70gW4hvK1MnxHRafsiahYIKBQckTmsCVot1DjzSp1e5hRD+1m9A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 03 Dec 2024 22:48:21 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
154 B 143ms
49ms XHR
text/plain 2404:6800:4008:c13::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102456694-1&cid=1704609682.1702877555&jid=378546335&gjid=831455411&_gid=589796479.1702877555&_u=IEBAAEAAAAAAACAAI~&z=2081950389

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c13::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 18 Dec 2023 05:32:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 431 KB
135 KB 10ms
5ms Script
text/javascript 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 11:39:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64404
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138180
x-xss-protection: 0
server: cafe
etag: 6854214708762155125
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 16 Dec 2024 11:39:11 GMT

GET 325141786_6140032619364934_7377705774471631398_n.jpg
scontent-fco2-1.xx.fbcdn.net/v/t39.30808-6/ Frame 4758 0
0

GET 305964663_450890893727816_1742559653774706626_n.jpg
scontent-fco2-1.xx.fbcdn.net/v/t39.30808-1/ Frame 4758 0
0

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 461ms
175ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-aa2f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 19 Dec 2023 05:32:35 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 26ms
9ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 20:31:13 GMT
server: cloudflare
age: 208019
etag: W/"65401291-2b7d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 837506b26a94af6a-NRT
expires: Thu, 21 Dec 2023 05:32:35 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 13ms
3ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:29:45 GMT
content-encoding: gzip
age: 1155770
x-guploader-uploadid: ABPtcPov-txRzSmQTRO-Tz408XDiITKVvPNRo9Mu4E3aZKZgOTVSS2nrvbBIooMmUkM8ZWHdCPvkPanRjsnrlPSgAeT94w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 03 Dec 2024 20:29:45 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 244ms
235ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:35 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: b3048ce065220992b030a19839a01479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 18ms
4ms Script
text/javascript 13.35.49.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.49.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-49-117.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 22:15:15 GMT
content-encoding: gzip
via: 1.1 98ad3b0157ad734930c74fb6551aa14e.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C1
age: 26241
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: E4N5gF8isikoZz7gWIxZ8yWpb4q8wIJAxT2pJsnyyDDA0hQcoCYKzg==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 281 KB
67 KB 413ms
413ms Fetch
text/plain 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3892538116021409&correlator=3914084339541288&eid=31079958%2C44782505&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847%2C13848%2C13856%2C14210&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%2C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702877555552&lmt=1702877555&adxs=245%2C1005%2C245%2C625&adys=455%2C108%2C108%2C108&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=1140x90%7C380x250%7C380x250%7C380x250&msz=1110x90%7C350x250%7C350x250%7C350x250&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=1704609682.1702877555&ga_sid=1702877556&ga_hid=2126286959&ga_fc=true&dlt=1702877555118&idt=400&cust_params=url%3D%252FgaOWLp%26ref%3Dnull&adks=81851380%2C1451399479%2C827794272%2C3242553145&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a08a99030869bed0728f75459470e1ccda7bbecb8189f2ff52b6da0c1d7ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68109
x-xss-protection: 0
google-lineitem-id: -1,6424070779,-1,6297900949
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138456634296,-1,138432357881
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 416ms
415ms Fetch
text/plain 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3892538116021409&correlator=3914084339541288&eid=31079958%2C44782505&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=21787810958%2CTW_reurl.cc_res_all_truvid_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702877555560&lmt=1702877555&adxs=1353&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=195x-1&msz=195x-1&fws=512&ohw=0&ga_vid=1704609682.1702877555&ga_sid=1702877556&ga_hid=2126286959&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY3dal28cxSABSAghkEhsKDDMzYWNyb3NzLmNvbRjd1qXbxzFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Y3dal28cxSABSAghkEhcKCHJ0YmhvdXNlGN3WpdvHMUgAUgIIZBIUCgVvcGVueBjd1qXbxzFIAFICCGQ.&dlt=1702877555118&idt=400&cust_params=url%3D%252FgaOWLp%26ref%3Dnull&adks=3261691140&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

514ba16fab9edb92239356c5f17c251adee88a76a533408c96bb5b5f0cc4e264

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12514
x-xss-protection: 0
google-lineitem-id: 6263003938
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138428653768
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 04F1 6 KB
3 KB 123ms
40ms Document
text/html 2404:6800:4004:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 05:32:35 GMT
expires: Tue, 17 Dec 2024 05:32:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 4758 573 B
714 B 2ms
2ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints
x-fb-debug: ZD3QxG4H8eTNbhHaKOzszlH4EtHKvLShzewdJeBbNtZmfDVFH+Y9gPvS5cqCqRkE52XvbU/eG5BqgT6K7eJRzw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Dec 2024 21:03:22 GMT

GET /
www.facebook.com/platform/plugin/tab/renderer/ Frame 4758 0
0

POST
H2 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 4758 955 B
825 B 205ms
205ms XHR
application/x-javascript 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9638ea615b35a0294609caee49d3557013bf6383ca1279e52f0a4ff8d6366a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: 4-IdoDFRhmnWyYaFy5I-8E
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 18 Dec 2023 05:32:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: SxsxnWkEDX3IwW5LndDfI6NgvzmaKCQQKIjl5+xVccFT8AQF4wD+MsVWL20b2+aWGhGXMv9LE/Vu204rmdILTg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 4758 955 B
662 B 108ms
107ms XHR
application/x-javascript 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

acb7f348911d4315abd63bf31ceb92b197a7f6716794d71607aeea4a28d9f0ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: 4-IdoDFRhmnWyYaFy5I-8E
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 18 Dec 2023 05:32:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: kMPgyrbpdKBQ9UjBpVt6xDD/tEh7S1qoU/sjfWVDBgt7naCtO1gfOBaMY+7yF63M8a8e/qILwFRbZFmaAxHyPg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 85ms
42ms Image
image/gif 2404:6800:4004:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=1704609682.1702877555&jid=378546335&_u=IEBAAEAAAAAAACAAI~&z=506537127

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:820::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
107 B 62ms
60ms Image
image/gif 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=1704609682.1702877555&jid=378546335&_u=IEBAAEAAAAAAACAAI~&z=506537127

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 4758 12 KB
12 KB 3ms
3ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
x-content-type-options: nosniff
content-md5: Bsv/k/2TeJemYEeLUt4www==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12027
reporting-endpoints
x-fb-debug: 9K4FVCzo+HBwGo/nn3SMybjMfx6IrRqxvjei+QzmZ4nC4zuFaBocqjCD3RyBAkw11cyzeYp/iIJ8zuTN2YIBRg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Wed, 11 Dec 2024 20:21:50 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 4758 1 KB
1 KB 3ms
3ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
reporting-endpoints
x-fb-debug: XkOus0AgWRGI37rkLDldzMzF8qYSNxRnju++q7+S0Sw3MSXgpV5wFZsAIEk+GO5yc4B/yf2zOF7ZlhkvTepm4g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sun, 15 Dec 2024 17:51:05 GMT

GET
H2 200 kCwDvxe1QsQ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame 4758 12 KB
4 KB 4ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/kCwDvxe1QsQ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

264a0a28c23da253d460c72e9b7ff9e297a4e02ea590c5d20a1f0fa77bc9aadd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 8PPs50PtkMAX5E1OU2ogzA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3451
reporting-endpoints
x-fb-debug: B8Ddr5aOHNMp6uIVxxeTGjphbL3u/cPRcGeEgjaS+pwNvRGoHMQ33FM8HbO6zLCak6PFI8OgQ/kG7EWr33a2ZA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 15 Dec 2024 00:01:17 GMT

GET
H2 200 NWdoT9okmQL.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ym/r/ Frame 4758 339 KB
73 KB 4ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ym/r/NWdoT9okmQL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66612ef55fe31efc360ff2955105c099cc366108e0d69246f98913273638d5a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: NlfuiXop2e7pBV4Kvjq/Zw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 74668
reporting-endpoints
x-fb-debug: XxzfOGAw2Cuy+caY+FOp8hohuq5yRuRJlqc9BV5mJ5X7nwSTC8g+RQRW6Db/s3uP0+XlJlSTGRRRgea/Rs49Yw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 14 Dec 2024 17:18:38 GMT

GET
H2 200 1ZVloxTqxcM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame 4758 2 KB
1 KB 4ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/1ZVloxTqxcM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

353b802475ea4a2e76926cdf15dfc6363c09126b127e253ca8806120ff5fe85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: I2EBJnaNMV2qKkly8o1zSQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 922
reporting-endpoints
x-fb-debug: Sg5ijmRHcYVAUBUPSrSBkz+l3vmVVbRzvw/Mk8xAwsKLu0vabTHPjEhM4c+7rYR+Bw8lDrwnckT7II0HQWO6fA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 15 Dec 2024 17:26:23 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1

85 B
193 B

149ms
149ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 67ed3d5b419996e73e4b8d36ab9fc6d49cfcd32e459c2102012f0a14da60214d

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:35 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-NzyypRg6R3bByiHsjzlI8sqaHFA"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Mon, 18 Dec 2023 05:32:35 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://reurl.cc
location: /esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
610 B 236ms
92ms XHR
application/json 18.136.163.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.136.163.161 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-136-163-161.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 5759a717b640782fc167a11651bbc63579dc65555ba559965caefecfd0b9d03d

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:35 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://reurl.cc
cache-control: no-cache
x-server: 10.42.18.177
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H3 200 ieeHDjcGsIR.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 4758 213 B
353 B 3ms
2ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/ieeHDjcGsIR.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:35 GMT
x-content-type-options: nosniff
content-md5: oSUZEsOZh+qyGbXjvLFs7Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 213
reporting-endpoints
x-fb-debug: PaQaxrrG/SwH/VCxoBLUJjuZVRObYZsc6u8gggjVxB+aLLJmRUd1odY1Hhf/Ee68u+Hm63Q7+IpSs0RaVwM7Eg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Tue, 03 Dec 2024 18:38:39 GMT

GET /
www.facebook.com/login/ Frame 4758 0
0

GET
H3 200 /
www.facebook.com/login/ Frame 4758 0
0 143ms
143ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 18 Dec 2023 05:32:35 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 6AgKyFskpgQmjFaOAhdb1IDK/8K/5X7XSpiPriDo6QLTuYkGl3uC2jzTMWAH5z4Z3gI09jUpOunXuBTEONjx2g==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 88AE 484 B
725 B 54ms
46ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a41a4c92e8300e09546dce94d4523c851ea9f20a9a8535949c42c9c72a2756f0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 308
content-type: text/html
date: Mon, 18 Dec 2023 05:32:35 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST bz
www.facebook.com/ajax/ Frame 4758 0
0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3345 0
0 42ms
42ms Fetch
image/gif 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvaDPHuxrtu4XIqy62OyFZMMPl-duPjF30psYxgbAirjWfftW-c3G2jV6Wra5A0w0dZtAIX_CqkVU00WE7In1U1mn1ZlHMrqdCeQCWxybXH_PKMGlgpePeh46XMOhtFH6wugftwubplFfQbxDWh-0h-Q17ZQMJoGTIdFfLwnCQmDr5OPBRhDFQtBk-XF-eeGc71-k_uWrqXp8tOzDQtsdhGrWaYcf1_ltNcZlPRS7aiiRhZOW6mcA4b9VwrdHofqiNBQECjasnbIIxxhzUHzgdwi-V35fTrJI74H0n_VG6K1tfLyq9KvxfE2Inl3ZTmSfLtc4C0j1p85qjdw2VkT9ALxDD6XDtuNce63TGlzKrs0v9DJ-eJuL2nb_9bxurKwCbTqvZjsg&sai=AMfl-YSlrXGRKTN3qufiadSgfspcIflyJnYzWOUmVVV6CW7O5F8gIu1P9ZrgWj0OmAIAjStxFA75gZ4xY53HdkW2q22FGXHtlkJzQMA5sBtLnzHY7o9yjGibnVNY7CaMe1WJ-v2BHIurkMBaEMcJZJttrTM7&sig=Cg0ArKJSzFOW_prSj4HcEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 18 Dec 2023 05:32:36 GMT

GET
H2 200 7942.js Show response
cnt.trvdp.com/js/1250/ Frame 3345 535 B
899 B 18ms
3ms Script
application/javascript 18.172.52.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/1250/7942.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.52.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-52-51.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:28:17 GMT
via: 1.1 eb26c935e3c6a5bcdb7ba5851b3753d6.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 15:54:16 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-P2
age: 5965460
etag: "f229c3a6991d60be41be6d40e220701e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 535
x-amz-cf-id: JJGupzqWPriW_83yR3U5KiNxrEtkXWiwH_pai4izd_Tcsozl0Fos5Q==

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3345 203 KB
65 KB 503ms
460ms Script
text/javascript 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Dec 2023 05:32:36 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 88AE
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=8e45be66-6367-7609-d6e3-97a271d7d9d6&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=8e45be66-6367-7609-d6e3-97a271d7d9d6&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=35479725-ccea-4f91-9ed3-a6e077a71f44&ttd_puid=8e45be66-6367-7609-d6e3-97a271d7d9d6&gdpr=0&gdpr_consent=

43 B
240 B

46ms
45ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=35479725-ccea-4f91-9ed3-a6e077a71f44&ttd_puid=8e45be66-6367-7609-d6e3-97a271d7d9d6&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:36 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=35479725-ccea-4f91-9ed3-a6e077a71f44&ttd_puid=8e45be66-6367-7609-d6e3-97a271d7d9d6&gdpr=0&gdpr_consent=
date: Mon, 18 Dec 2023 05:32:36 GMT
server: Kestrel
content-length: 335

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 88AE
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZX-ZdMCo8YEAAI3Y5lkAAAAA

43 B
171 B

43ms
41ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZX-ZdMCo8YEAAI3Y5lkAAAAA
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:36 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Mon, 18 Dec 2023 05:32:36 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"31.204.145.169","key":"ZX-ZdMCo8YEAAI3Y5lkAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad381"}
X-SO-Key: ZX-ZdMCo8YEAAI3Y5lkAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad381
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZX-ZdMCo8YEAAI3Y5lkAAAAA
Cache-Control: private
X-SO-HostName: m-ad381.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 4
Content-Length: 0
X-SO-LB-Hostname: m-tgng29.dc4p.scaleout.jp
X-SO-IP: 31.204.145.169

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 88AE
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYI4gYRXq23Gks8AED41uJwSFc8AAAGMe2ltWA

43 B
97 B

39ms
39ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYI4gYRXq23Gks8AED41uJwSFc8AAAGMe2ltWA
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:36 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:36 GMT
via: 1.1 ec7e029564542f4eb6196ab046d31626.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: NRT57-C3
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AYI4gYRXq23Gks8AED41uJwSFc8AAAGMe2ltWA
cache-control: no-cache
content-length: 0
x-amz-cf-id: T6dcP3QW-9thyg9JHVvg8Cz101O1wzB0LkW-lW0CzepX4qqQE15Nzw==
expires: -1

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 88AE 170 B
243 B 84ms
42ms Image
image/png 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTIyYTZkYWMtYWExMC0yOGFkLWMzMDMtY2QxYmJiMzUxN2I2

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 88AE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBBNnnf5xC1EcAcRYOGUrl0&google_cver=1

43 B
97 B

43ms
42ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBBNnnf5xC1EcAcRYOGUrl0&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:36 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBBNnnf5xC1EcAcRYOGUrl0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7942.js Show response
go.trvdp.com/init/ 6 KB
6 KB 807ms
265ms Script
binary/octet-stream 3.160.119.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/7942.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1250/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.119.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-119-38.eze50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 07:34:42 GMT
via: 1.1 aca03bed52745e9d30eb09d382c93e16.cloudfront.net (CloudFront)
last-modified: Sat, 25 Mar 2023 08:02:02 GMT
server: AmazonS3
x-amz-cf-pop: EZE50-P2
age: 20901475
etag: "cec9f63f120ca9bc6868582a79e6b514"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 5845
x-amz-cf-id: B2H-8-6rAyoAliWGkSH7BBXGgMgqvQg9qInlVML6EpK1Qhs7vAWnlQ==

GET
H2 200 container.html Show response
aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 731F 6 KB
3 KB 3ms
2ms Document
text/html 2404:6800:4004:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 05:32:35 GMT
expires: Tue, 17 Dec 2024 05:32:35 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2619 0
0 42ms
41ms Fetch
image/gif 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssaj1XU1fEVp1BxV6Z4Yt3o7ReI184dfy2MV1--q567Y3mx2p3mcKi_uQiUy1Y-Bteq5bBuYdPR52cktQbBQqF7Ii1ldOb_RIdlDMSEO4G1mU2O23ojmu9yWc9yRXQh4dzQZm29_BpmF049nbutHiX7PpUM_KMsuFNfagenttcr3rp3eyr6kUWqcF2RkiCJWYmhiW1II1rCBuSptwXXc1dFyvVOfH-GYN1ioQs1MwdnfMOIlot6-O5YeD9dnwVTsyj-Fk-elAAKq34a5lvryR4W9ne9fbr-ZzNFG4Zmt4g-6FmyfcXn1xbADmYAa7DNbHNDdy6uoKq0HGMw7R6H9l_t5cPF5z8PK-i0kN_gduQnMoGbvrHUZCRcBCUdao4165VYxjnsX5c&sai=AMfl-YR_O-5IYEhrEWqqRlBlblFGTcu0QKB8PbzNfhbf-EeaYzIGQNQspyDtHsPSbA7E45keV96TnaaQ7UI6_GJ2Ym70t1HeAxS9lT5HcLv91xRhcHdrTEv4QWymRidnfyrBDC7gE9q1PnemzGg4jYSUN2U&sig=Cg0ArKJSzL0cUa673AU6EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK cf_reurl_tw_gam.js Show response
api.popin.cc/searchbox/ Frame 2619 127 KB
36 KB 20ms
11ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 4cff4212145b681f769f38c90dcef6433f17863f418f00c2881fe547cd86c4c8

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 18 Dec 2023 05:32:36 GMT
x-amz-version-id: x576D8ghAo5I3B80CIB9Fbt0lijiRrZk
Content-Encoding: gzip
x-amz-server-side-encryption: AES256
X-Cache-Status: HIT from 10.252.55.44
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Thu, 14 Dec 2023 02:54:01 GMT
Server: nginx
ETag: W/"12f285eff7a5f00bc0a281fdf048ac61"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Timing-Allow-Origin: *
Expires: Mon, 18 Dec 2023 06:32:36 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2619 203 KB
64 KB 490ms
490ms Script
text/javascript 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Dec 2023 05:32:36 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 0744 196 KB
56 KB 80ms
5ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 15 Dec 2023 12:56:58 GMT
age: 232538
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 14 Dec 2024 12:56:58 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 0744 15 KB
5 KB 87ms
12ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 16 Dec 2023 10:22:44 GMT
age: 155392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 15 Dec 2024 10:22:44 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 0744 95 KB
29 KB 85ms
10ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 16 Dec 2023 19:20:30 GMT
age: 123126
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 15 Dec 2024 19:20:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 0744 5 KB
2 KB 84ms
9ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 16 Dec 2023 07:51:07 GMT
age: 164489
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 15 Dec 2024 07:51:07 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 0744 40 KB
13 KB 83ms
8ms Script
text/javascript 2404:6800:4004:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:813::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 16 Dec 2023 18:54:00 GMT
age: 124716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 15 Dec 2024 18:54:00 GMT

GET
DATA 200
OK truncated
/ Frame 0744 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce14a6ab18f4c70c73a91e37a9a7ff7bb009a33ce5041186e9788efe7eac9298

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 88F0 0
0 44ms
43ms Fetch
image/gif 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8qHlCS1Aa078RG060XgwsW0QM9C2bXP7FF7FXJW5oXr493wApBd2bJ-y5Tu_nY0MvoXJMpf1wUntrnkiOnu-QY7OCQSr9ryHCQMWDUhupgqmYOJau_i2BCbtEgvqMIti0h81YW7_xyScxATOXYNCEN3zhecLmgMMJfgmw29BbCk2RlZKcPllaPoy4r2EVUlyTHXLMNIpo67OhQVYkEtdGLkYT4WGv_K4OSlFLFs0ZpnQbrRBzRICkBQzufcO4_7KD2VWNDA8oBx_UYrTQlgAE75e1_MIm3aGAjWIReG-7-hlwSpQeFX6FbdsjH_NnjYT87e5bni5pB0klFkypdYFCAeT1f7Sa0IOBSmlnzKzP6JoSkV3XPA9NFIVJAfO6x_7wIsUs0aTTLj0&sai=AMfl-YTo9vtBDjbf2iPnBGqy3f2aZ5XjZp0q19JMENUJ3JGIIuuMCeMBHb2rth0bD7mMKf11sqw0hwFaAzdzqEBsfh4tCpGwVIdmaR_-Q90ZtFTI_W_SYrHPuN_RZcXlLscDZAFAojyWpu15DxxwPuDdCgY&sig=Cg0ArKJSzNOHkfKcEeQIEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 88F0 9 KB
10 KB 25ms
4ms Script
application/javascript 2600:9000:20e4:5c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:5c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date: Mon, 18 Dec 2023 05:32:08 GMT
via: 1.1 b177f82492a9478517a157e74856e466.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 00:04:29 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 29
x-amz-server-side-encryption: AES256
etag: "2b18447e41c64d14195cefd72eb57400"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9645
x-amz-cf-id: h6lyM72eA_PxvtPq0rMM6f1Ku4GI3tojQbpY3vSxmH38K7OsfQ9bDw==

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 88F0 203 KB
64 KB 470ms
469ms Script
text/javascript 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Dec 2023 05:32:36 GMT

GET
H2 200 12121328789638687059
tpc.googlesyndication.com/simgad/ Frame 0744 34 KB
34 KB 46ms
4ms Image
image/jpeg 2404:6800:4004:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12121328789638687059?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnDtrJlc8OInCrtKeh7YGouSeFweQ

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

900acf956ee86f67f38d161886f8aedb1ce8dc2d51379f4fa50c359905515809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 01:26:51 GMT
x-content-type-options: nosniff
age: 187545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34538
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 07:49:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 15 Dec 2024 01:26:51 GMT

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0744 3 KB
3 KB 47ms
6ms Image
image/png 2404:6800:4004:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 06:55:37 GMT
x-content-type-options: nosniff
server: cafe
age: 81419
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Mon, 18 Dec 2023 06:55:37 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0744 344 B
714 B 44ms
3ms Image
image/png 2404:6800:4004:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 07:11:03 GMT
x-content-type-options: nosniff
server: cafe
age: 80493
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 18 Dec 2023 07:11:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 731F 1 KB
908 B 89ms
42ms Stylesheet
text/css 2404:6800:4004:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%82%8A%E3%83%AB%EF%BC%AB%E5%A4%A7%EF%BD%9E%E9%99%90%E3%83%A7%E5%93%81%E3%83%831%E4%B8%81%E6%9C%9F%E3%83%9A%E3%81%B9%E5%8F%97%E7%94%BA9%E4%BA%95%EF%BC%91%E3%83%93%E9%9A%8E%E3%81%91%E9%96%8B%E8%88%97%E3%83%B3%E9%85%8D%20%2F%E5%89%B2%E5%8F%96%E3%82%93%E3%83%89%E3%82%B7%E7%9B%AE%E3%83%A2%E5%AE%85%E3%81%8B%E3%83%94%E5%86%85%E3%82%B0%E3%81%8F%E5%B7%9D%E3%82%B3%E2%88%92%E5%AE%9A%E5%9C%9F%EF%BC%94%E5%88%86%E9%96%93%E5%8F%AF%EF%BC%8D%E3%83%97%E3%83%A3%EF%BC%93%E3%82%AD0%E6%99%82%E6%97%8F%E5%8C%BA%E5%BA%97%E5%9C%B0%E5%AE%B6%E3%83%BC

Requested by

Host: aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com
URL: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4363914e61f20712ceaea8f4ff19886411a92c0636c34320dda02e22cf2bd41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 18 Dec 2023 05:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 18 Dec 2023 05:32:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Dec 2023 05:32:36 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 731F 2 KB
971 B 4ms
3ms Script
text/javascript 2404:6800:4004:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com
URL: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 05:41:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85886
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 05:41:10 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 731F 23 KB
9 KB 6ms
5ms Script
text/javascript 2404:6800:4004:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com
URL: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 01:37:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 01 Jan 2024 01:37:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 731F 3 KB
1 KB 6ms
5ms Script
text/javascript 2404:6800:4004:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com
URL: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 13:12:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 13:12:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 731F 20 KB
8 KB 6ms
5ms Script
text/javascript 2404:6800:4004:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com
URL: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 13:30:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 13:30:10 GMT

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 731F 225 B
330 B 6ms
5ms Image
image/png 2404:6800:4004:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com
URL: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 20:28:42 GMT
x-content-type-options: nosniff
server: cafe
age: 32634
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Mon, 18 Dec 2023 20:28:42 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 731F 203 KB
64 KB 421ms
421ms Script
text/javascript 2404:6800:4004:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com
URL: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 18 Dec 2023 05:32:36 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 731F 37 KB
16 KB 48ms
2ms Script
text/javascript 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com
URL: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 16:33:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46728
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 16 Mar 2024 16:33:48 GMT

GET
H2 200 803190109232786791
tpc.googlesyndication.com/simgad/ Frame 731F 2 KB
2 KB 4ms
3ms Image
image/jpeg 2404:6800:4004:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/803190109232786791?w=100&h=100&tw=1&q=75

Requested by

Host: aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com
URL: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe5aec7794493f6a6be25e6641722624d2211a009c3e6c2c81cd3808d20e9de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:47:57 GMT
x-content-type-options: nosniff
age: 467079
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2026
x-xss-protection: 0
last-modified: Tue, 01 Aug 2023 01:44:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 11 Dec 2024 19:47:57 GMT

GET
DATA 200
OK truncated
/ Frame 731F 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 731F 246 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 731F 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E73C 15 KB
6 KB 455ms
158ms Document
text/html 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

6c2fb26a735ec81c19e5078d61251379be634e324f416ca9e679725b318ff913

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: ja-JP

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 05:32:35 GMT
server: Kestrel
server-processing-duration-in-ticks: 347723
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H/1.1 200
OK td_js_sdk_171.js Show response
api.popin.cc/ Frame 2619 34 KB
13 KB 5ms
5ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 18 Dec 2023 05:32:36 GMT
x-amz-version-id: null
Content-Encoding: gzip
Last-Modified: Thu, 11 Jan 2018 09:42:51 GMT
Server: nginx
ETag: W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status: HIT from 10.252.55.44
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Timing-Allow-Origin: *
Expires: Mon, 18 Dec 2023 06:32:36 GMT

GET
H2 200 recommend Show response
tw.popin.cc/popin_discovery/ Frame 2619 28 KB
16 KB 150ms
141ms Script
application/javascript 119.63.198.189
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Freurl.cc%2FgaOWLp&&device=pc&media=reurl.cc&extra=windows&agency=popinag&topn=50&ad=10&r_category=all&country=tw&redirect=true&uid=676d562047e6f33af4c1702845156169&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSIsInVzZXJfdGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidXNlcl90ZF92aWV3cG9ydCI6IjMwMHgyNTAiLCJ1c2VyX3RkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsInVzZXJfdGRfcmVmZXJyZXIiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsInVzZXJfdGRfcGF0aCI6Ii9nYU9XTHAiLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiIiwidXNlcl90ZF91cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsInVzZXJfdGRfcGxhdGZvcm0iOiJXaW4zMiIsInVzZXJfdGRfaG9zdCI6InJldXJsLmNjIiwidXNlcl9kZXZpY2UiOiJwYyIsInVzZXJfdGltZSI6MTcwMjg3NzU1NjE3MCwiZnJ1aXRfYm94X3Bvc2l0aW9uIjoiIiwiZnJ1aXRfc3R5bGUiOiIifQ==&alg=ltr&callback=_p6_9ae0352ee41a
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: a860177d5df14278387df3bb346dad1fcc8b4cb5cb7cb890a184cbba3caabc46

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.13.5
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

GET
H2 200 track.js Show response
ad.tagtoo.co/media/ad/ Frame 2619 6 KB
2 KB 15ms
2ms Script
text/javascript 34.111.12.34
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.tagtoo.co/media/ad/track.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.12.34 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 34.12.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d20139c9138e849d5f5935bcc482be2b21e43ae116ff4950ed4e5c89dba0184b

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:08:54 GMT
content-encoding: gzip
via: 1.1 google
age: 1422
x-guploader-uploadid: ABPtcPp2oFvWxx_CQwcv6K-tM7-gtuLWfnQTuoPK6_wsSEnX-vhE7Nq4mJR59T04repGo1Em5qtXna2yV-mjCZzunEYmVlYXPStc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1808
last-modified: Fri, 15 Dec 2023 09:41:13 GMT
server: UploadServer
etag: "272774bfd4f8b5a5c78ce82870cc19bf"
vary: Accept-Encoding
x-goog-generation: 1702633273480157
x-goog-hash: crc32c=YlJkQQ==, md5=Jyd0v9T4taXHjOgocMwZvw==
access-control-allow-origin: *
access-control-expose-headers: Content-Type,Access-Control-Allow-Origin
cache-control: public, max-age=3600
x-goog-stored-content-length: 1808
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Mon, 18 Dec 2023 06:08:54 GMT

GET
H2 200 tuec.js Show response
uec.tagtoo.co/ Frame 2619 10 KB
4 KB 16ms
3ms Script
application/javascript 34.107.150.21
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://uec.tagtoo.co/tuec.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.150.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 21.150.107.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 698fe0a6500f771d98d1ca713a5445d523fac649207572b69123699702854c0b

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 04:35:15 GMT
content-encoding: gzip
age: 3441
x-guploader-uploadid: ABPtcPppiEQvFKZHbZN8wEFYOrIqO48iOI9g5u3MVm2b4Oye04Fg6qTuI2U6dXI8f-PLZlgEhw8zFEg1tIYzlakOeEtnav2mVO9_
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3770
last-modified: Tue, 12 Dec 2023 09:08:46 GMT
server: UploadServer
etag: "2fa133db50cd81d87b8ffb8729a6ab35"
vary: Accept-Encoding
x-goog-generation: 1702372126688115
x-goog-hash: crc32c=IxwxIw==, md5=L6Ez21DNgdh7j/uHKaarNQ==
content-type: application/javascript
cache-control: public,max-age=3600
x-goog-stored-content-length: 3770
accept-ranges: bytes

GET
H/1.1 200
OK popin_discovery5-min.js Show response
api.popin.cc/ Frame 2619 156 KB
43 KB 17ms
16ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/popin_discovery5-min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 2c78537370db283e881520b103a2f8198613f89d54eaa13dd566137d029c8fc5

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 18 Dec 2023 05:32:36 GMT
x-amz-version-id: Ob3Rg3l4X4hYCDKCZi4TBB1j2gDUvWNq
Content-Encoding: gzip
x-amz-server-side-encryption: AES256
X-Cache-Status: HIT from 10.252.55.44
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Thu, 14 Dec 2023 10:19:50 GMT
Server: nginx
ETag: W/"7f4851f932ed60220942b1f8c3704083"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Timing-Allow-Origin: *
Expires: Mon, 18 Dec 2023 06:32:36 GMT

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ Frame 2619 66 B
222 B 12ms
2ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoicmV1cmwuY2MiLCJ1cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsImxvYyI6Imh0dHBzOi8vcmV1cmwuY2MvZ2FPV0xwIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2IiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMjAuMC42MDk5In0=&t=1702877556172
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ Frame 2619 66 B
222 B 12ms
2ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InJldXJsLmNjIiwidXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJ1aWQiOiI2NzZkNTYyMDQ3ZTZmMzNhZjRjMTcwMjg0NTE1NjE2OSIsInRkX3RpdGxlIjoiIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjYsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiJ9&t=1702877556174
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 3327 10 KB
10 KB 4ms
4ms Document
text/html 2600:9000:20e4:5c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:5c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 4
content-length: 9921
content-type: text/html
date: Mon, 18 Dec 2023 05:32:36 GMT
etag: "d9100a146ee339f43d0752ef9c998a0d"
last-modified: Tue, 17 Oct 2023 03:41:19 GMT
server: AmazonS3
via: 1.1 b177f82492a9478517a157e74856e466.cloudfront.net (CloudFront)
x-amz-cf-id: _NOCvUSH_dqtaVIpHLuG2-Ln0A79SM-HNB5O6BNo440zAVSX9B30pg==
x-amz-cf-pop: NRT20-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache: Hit from cloudfront

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 9007 11 KB
11 KB 4ms
3ms Script
application/javascript 2600:9000:20e4:5c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:5c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date: Mon, 18 Dec 2023 05:32:36 GMT
via: 1.1 b177f82492a9478517a157e74856e466.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 05:41:00 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 1
x-amz-server-side-encryption: AES256
etag: "f4a52d8d8c27ce73cc789edbfef51e62"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10828
x-amz-cf-id: 5ASo9XJ11J91iVITRJuG5oQPFSY7CCGcG7_4k8dsyDEdeq-wkBZ20Q==

GET
H/1.1 200
OK /
cm.lndata.com/ Frame 3327 35 B
470 B 404ms
109ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Date: Mon, 18 Dec 2023 05:32:36 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame 8E1F 0
218 B 142ms
6ms Document
text/html 52.197.157.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.157.219 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-157-219.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: ja-JP

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 18 Dec 2023 05:32:36 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 502 cm.php Show response
fcm.holmesmind.com/ Frame 1700 332 B
473 B 6169ms
6161ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: /
Resource Hash: 8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
content-type: text/html; charset=UTF-8
date: Mon, 18 Dec 2023 05:32:42 GMT
referrer-policy: no-referrer

GET
H2 200 cm.js Show response
fcm2.holmesmind.com/ Frame 3327 409 B
632 B 25ms
4ms Script
application/javascript 52.193.138.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm2.holmesmind.com/cm.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.193.138.211 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-193-138-211.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 18 Dec 2023 05:32:36 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript; charset=utf-8

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 3327 5 KB
3 KB 262ms
73ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Mon, 18 Dec 2023 05:42:36 GMT

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 3327 0
217 B 1154ms
1018ms Image
text/html 52.197.157.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.157.219 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-157-219.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:37 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2

200

cm
c.holmesmind.com/ Frame 3327
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
500 B

154ms
153ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:37 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

date: Mon, 18 Dec 2023 05:32:36 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
content-type: text/html; charset=UTF-8
location: https://c.holmesmind.com/cm?tc=getIn&
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

google
m.holmesmind.com/ml/ Frame 3327
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEPCaMdZVHm9qhZa9YnVXc5c&google_cver=1

0
472 B

26ms
17ms

Image
image/png

35.227.249.156
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEPCaMdZVHm9qhZa9YnVXc5c&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
x-guploader-uploadid: ABPtcPoyD6nzGbS95r6zFNzhx8UKMQxfbbrkSXXvhf0tK4QLpxTQnjF64VDTki_uK0EBH4LYObyPVtUwELRVVEQDaGKlTr9_gu7o
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Mon, 18 Dec 2023 06:32:36 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:36 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEPCaMdZVHm9qhZa9YnVXc5c&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 731F 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d4032bbf60c54eddf26d74e96fe3bbe5789ba9ffa00964f6252461138964825

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 0744
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

156ms
73ms

Image
text/html

2404:6800:4004:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 2404:6800:4004:812::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date: Mon, 18 Dec 2023 05:32:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Preset.js Show response
ad.holmesmind.com/adserver/ Frame 9007 1 KB
673 B 64ms
10ms Script
text/html 18.182.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 18 Dec 2023 05:32:36 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 js-md5.js Show response
cdn.holmesmind.com/js/ Frame 9007 30 KB
30 KB 4ms
3ms Script
application/javascript 2600:9000:20e4:5c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/js-md5.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:5c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date: Mon, 18 Dec 2023 05:32:25 GMT
via: 1.1 b177f82492a9478517a157e74856e466.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:04:56 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 12
x-amz-server-side-encryption: AES256
etag: "ab3f6a2aedec7585237d5fb727bebcbb"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 30621
x-amz-cf-id: RxZITxBZm-k4CBj-9KfjjTCCMNiytJbKfFvNvgwm0yEk_gqT5D30Og==

GET
H2 200 3134.js Show response
ecs.tagtoo.co/js/ Frame 2619 64 KB
20 KB 17ms
3ms Script
text/javascript 34.102.218.41
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ecs.tagtoo.co/js/3134.js
Requested by: Host: ad.tagtoo.co
URL: https://ad.tagtoo.co/media/ad/track.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 41.218.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: a58a1ad132f9f6b359f0f52e7a9694db949d8b4d9cd0f1f1c2cd746294cd41c0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:10:21 GMT
content-encoding: gzip
age: 1335
x-guploader-uploadid: ABPtcPrFLtkULV57At_W7SNyTXUuH4hzVaIhedo4UIY0MYJ9XmuTT1PZN6A-nAhwK-q24WSkLLqp1AK4EWEwwsx_Fg8Fbg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20110
last-modified: Wed, 06 Dec 2023 04:54:12 GMT
server: UploadServer
etag: "c850b80896c41c8272295a934e2f4145"
vary: Accept-Encoding
x-goog-generation: 1701838452348554
x-goog-hash: crc32c=Lcx2rw==, md5=yFC4CJbEHIJyKVqTTi9BRQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
cache-control: public, max-age=5400
x-goog-stored-content-length: 20110
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Mon, 18 Dec 2023 06:40:21 GMT

GET
H3 200 12121328789638687059
tpc.googlesyndication.com/simgad/ Frame 0744 34 KB
34 KB 3ms
3ms Image
image/jpeg 2404:6800:4004:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12121328789638687059?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnDtrJlc8OInCrtKeh7YGouSeFweQ

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

900acf956ee86f67f38d161886f8aedb1ce8dc2d51379f4fa50c359905515809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 01:26:51 GMT
x-content-type-options: nosniff
age: 187545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34538
x-xss-protection: 0
last-modified: Mon, 27 Nov 2023 07:49:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 15 Dec 2024 01:26:51 GMT

GET
H3 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0744 3 KB
3 KB 5ms
4ms Image
image/png 2404:6800:4004:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 06:55:37 GMT
x-content-type-options: nosniff
server: cafe
age: 81419
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Mon, 18 Dec 2023 06:55:37 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0744 344 B
368 B 3ms
3ms Image
image/png 2404:6800:4004:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 07:11:03 GMT
x-content-type-options: nosniff
server: cafe
age: 80493
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Mon, 18 Dec 2023 07:11:03 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 3327 202 KB
53 KB 4ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 18 Dec 2023 05:32:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 5OnRWYBh/GfQNUL/bDNWqkrhrRW50WJDtnQrtNA8uOcSi4pWIY5GmINqyDxaxGrJYB7W7Po1eP25Jk/F3YAEnQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 unitrack.js Show response
ecs.tagtoo.co/js/ Frame 2619 26 KB
9 KB 3ms
2ms Script
application/javascript 34.102.218.41
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ecs.tagtoo.co/js/unitrack.js
Requested by: Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/3134.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 41.218.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2eab2b7adfd71b5cf3fe3747f993d26520691d544bb7fc4338dc049b4f0d1c2c

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 04:46:33 GMT
content-encoding: gzip
age: 2763
x-guploader-uploadid: ABPtcPqBVaKKbh38wDVqMFUEtG1LwMMlWlCwtVhoA6Zr49x5vXgt4SzZdJdoM6bcHRxNaer_mww7qoOGiEEmYvNi7ie6TQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8725
last-modified: Wed, 17 May 2023 07:38:52 GMT
server: UploadServer
etag: "ccd513edbe3eb66c17d73c94d6462526"
vary: Accept-Encoding
x-goog-generation: 1684309132134575
x-goog-hash: crc32c=Uh9iNA==, md5=zNUT7b4+tmwX1zyU1kYlJg==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
cache-control: public,max-age=5400
x-goog-stored-content-length: 8725
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
expires: Mon, 18 Dec 2023 06:16:33 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0744 0
0 45ms
45ms Image
text/html 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLX7mc9l_Zc6gJrSDid4PgMuu2AyliuK_dOO_n5myEtnZHhABINLMgRpgifPFhPQToAGM3fnDKMgBAuACAKgDAcgDCKoEtQJP0CB_WDV1V2PszPLLJ36tbHu3N_UVpp8QTCzl_ijkHSZwlRE2anhPyGrZgtH4R4xajpy8xgwG-erAgfPZZWe59k6I95L_s2wcqWxKfLerYioi1Hep2VyVQVRzANMM3DC1oC3UX9QhOg7jb7J0jMSgx2rV947X0A20YtTRPJZWh0n_2IK_P5AbffkdC6ZQpeQh-YA5wUu4vYYaZ-MPBHPWGFqRkjOsQsDf6tGFcWSFFdmPgKc-Vabmicmro6rXh9TEE0FOQ093R6B17hbICbsAYNvzCXNEbclTIoJPAnsjcxC7Moey9aZnzOpGeLnBENQy1fmKGKc8MNaVh2J16sEEMyhompKXTJ8K7V2HXopf38LZfbvKixHac7Z2ne4pxwEv3Uzvt2NgjchRR6C1WxAsWzxYAVvABIn5tvrSBOAEAYgF4JPqwU2gBgKAB4yVyqMDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ07IJ0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOlj2ubCeoZiDA5oJMGh0dHBzOi8vYXF1YS1oYXMuY29tL2xwL2ZyaWRnZS9zaW1wbGVwbHVzLyNsYXJnZYAKA8gLAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQLaDBEKCxDQstHAppTdxOkBEgIBA-INEwjM8rCeoZiDAxW0QcIFHYClC8vYEwPQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=s_TPixusUpI&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgAvHhf_ScRk7xSjHIfA_afKyW4LqrQ-e3_ahlHxyS3dP9yQJuqn2bOhNeWyqGayZg4B7lbEVUriXgM0nkWwj9zSycPBcNfK8zZCi2UxfxgB&cbvp=2
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ Frame 2619 89 B
559 B 19ms
3ms Script
application/javascript 3.113.117.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1702877556334&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6ImJhbm5lci0zeDEiLCJ0aW1lX3Nob3dfc2Vjb25kcyI6MCwicmVxdWVzdF9hZCI6MTAsImRtZiI6Im0iLCJyZXNwb25zZV9hZCI6MTAsInNtamFkIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InJldXJsLmNjIiwidXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJnZW9fY291bnRyeSI6InR3IiwibG9naWQiOiIxYzU3MDg2ZC00YWY3LTQ1YmEtYjNjZi0zMDA1OGM4Yjg0YWUiLCJ1aWQiOiI2NzZkNTYyMDQ3ZTZmMzNhZjRjMTcwMjg0NTE1NjE2OSIsInRkX3RpdGxlIjoiIiwiY2F0ZWdvcnkiOiIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback0

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.113.117.180 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-113-117-180.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Mon, 18 Dec 2023 05:32:36 GMT
Strict-Transport-Security: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 89
Content-Type: application/javascript

GET
H/1.1 200
OK logo.png
api.popin.cc/images/ Frame 2619 2 KB
3 KB 9ms
9ms Image
image/png 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.popin.cc/images/logo.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 18 Dec 2023 05:32:36 GMT
x-amz-version-id: null
Last-Modified: Tue, 02 Apr 2019 12:00:56 GMT
Server: nginx
ETag: "b10c5c3579ba2dba39fd2804188dc3f1"
X-Cache-Status: HIT from 10.252.55.44
Content-Type: image/png
Cache-Control: max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 2316
Expires: Mon, 18 Dec 2023 06:32:36 GMT

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ Frame 2619 66 B
222 B 4ms
2ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoxLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InJldXJsLmNjIiwidXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJ1aWQiOiI2NzZkNTYyMDQ3ZTZmMzNhZjRjMTcwMjg0NTE1NjE2OSIsInRkX3RpdGxlIjoiIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjYsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiJ9&t=1702877556330
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 adlogs
log.popin.cc/log/popin_ads/ Frame 2619 66 B
222 B 5ms
3ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6ImJhbm5lci0zeDEiLCJ0aW1lX3Nob3dfc2Vjb25kcyI6MCwicmVxdWVzdF9hZCI6MTAsImRtZiI6Im0iLCJyZXNwb25zZV9hZCI6MTAsInNtamFkIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InJldXJsLmNjIiwidXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJnZW9fY291bnRyeSI6InR3IiwibG9naWQiOiIxYzU3MDg2ZC00YWY3LTQ1YmEtYjNjZi0zMDA1OGM4Yjg0YWUiLCJ1aWQiOiI2NzZkNTYyMDQ3ZTZmMzNhZjRjMTcwMjg0NTE1NjE2OSIsInRkX3RpdGxlIjoiIiwiY2F0ZWdvcnkiOiIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6NiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMjAuMC42MDk5IiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2In0=&t=1702877556335
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 s.gif
r.popin.cc/ Frame 2619 35 B
186 B 20ms
7ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Freurl.cc%2FgaOWLp&uid=676d562047e6f33af4c1702845156169&type=pc_pv&nid=pc&media=reurl.cc&r5=cc_NONE&t=1702877556336&tz=tw
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
last-modified: Thu, 16 Sep 2021 06:17:57 GMT
server: nginx
etag: "6142e195-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ Frame 2619 66 B
222 B 5ms
3ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoicmV1cmwuY2MiLCJ1cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsImdlb19jb3VudHJ5IjoidHciLCJsb2dpZCI6IjFjNTcwODZkLTRhZjctNDViYS1iM2NmLTMwMDU4YzhiODRhZSIsInVpZCI6IjY3NmQ1NjIwNDdlNmYzM2FmNGMxNzAyODQ1MTU2MTY5IiwidGRfdGl0bGUiOiIiLCJjYXRlZ29yeSI6IiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2LCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEyMC4wLjYwOTkiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMTA5IFNhZmFyaS81MzcuMzYifQ==&t=1702877556336
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H/1.1 200
OK other
inrecsys.popin.cc/PopinService/Logs/ Frame 2619 0
108 B 16ms
3ms Image
text/plain 119.63.197.136
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF90aXRsZSI6IiIsImtleSI6ImtleTE3MDI4Nzc1NTYxNzAiLCJub3ciOjE3MDI4Nzc1NTYzMzYsInVybCI6Imh0dHBzOi8vcmV1cmwuY2MvZ2FPV0xwIiwidWlkIjoiNjc2ZDU2MjA0N2U2ZjMzYWY0YzE3MDI4NDUxNTYxNjkiLCJzbWpJZCI6IiIsImRldmljZSI6InBjIiwiZGlzaF9tZWRpYSI6InJldXJsLmNjIiwiZGlzaF9jYXRlZ29yeSI6IiIsImRpc2hfZG9tYWluIjoicmV1cmwuY2MiLCJ0ZF9pcCI6IjMxLjIwNC4xNDUuMTY5Iiwidl9kaXNoX2xhYmVscyI6IiIsInZfZGlzaF90bGFiZWxzIjoiIiwibG9naWQiOiIxYzU3MDg2ZC00YWY3LTQ1YmEtYjNjZi0zMDA1OGM4Yjg0YWUiLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEyMC4wLjYwOTkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiZG9tYWluIjoicmV1cmwuY2MiLCJwb3Bpbl92ZXJzaW9uIjo2fQ==
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 119.63.197.136 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 0
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/plain

GET
H2 200 s.gif
r.popin.cc/ Frame 2619 35 B
186 B 20ms
8ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Freurl.cc%2FgaOWLp&uid=&type=pc_channel_pv&nid=pc&media=reurl.cc&r5=ch_banner-3x1&t=1702877556344&tz=tw
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
last-modified: Thu, 16 Sep 2021 06:17:57 GMT
server: nginx
etag: "6142e195-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ Frame 2619 66 B
222 B 5ms
3ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJiYW5uZXItM3gxIiwiZXhwZWN0ZWRfYWQiOjMsInJlbmRlcmVkX2FkIjozLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InJldXJsLmNjIiwidXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJnZW9fY291bnRyeSI6InR3IiwibG9naWQiOiIxYzU3MDg2ZC00YWY3LTQ1YmEtYjNjZi0zMDA1OGM4Yjg0YWUiLCJ1aWQiOiI2NzZkNTYyMDQ3ZTZmMzNhZjRjMTcwMjg0NTE1NjE2OSIsInRkX3RpdGxlIjoiIiwiY2F0ZWdvcnkiOiIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6NiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMjAuMC42MDk5IiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2In0=&t=1702877556344
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 log.gif
r.popin.cc/ Frame 2619 35 B
186 B 20ms
8ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related-tw&uid=676d562047e6f33af4c1702845156169&url=https%3A%2F%2Freurl.cc%2FgaOWLp&t=1702877556344
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
last-modified: Thu, 16 Sep 2021 06:17:57 GMT
server: nginx
etag: "6142e195-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 9007 3 KB
1 KB 27ms
25ms Script
text/html 18.182.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=756&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=4898-Nj9wJGmsnQ1E2Ndxn4bGf2z8A7QLIa9b&fp_uuid=4898-743eae0bb1f9d71daf6f48afba1ad897&initver=230627P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fe2cb72bd6658d10312459c6c5b2be6847b99b76bec706079adae9ba92b8ac87

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 18 Dec 2023 05:32:36 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 9007 3 KB
3 KB 6ms
3ms Script
application/javascript 2600:9000:20e4:5c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:5c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date: Mon, 18 Dec 2023 05:31:49 GMT
via: 1.1 b177f82492a9478517a157e74856e466.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 03:28:50 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 48
x-amz-server-side-encryption: AES256
etag: "519bf06eca29382b4ee4cc4f1dace214"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2905
x-amz-cf-id: mI4aopUaVWjiRQf_cPW7NCCSkUppv6XDW-ySzyjlGTy0JRK09IFNrQ==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 9007 131 KB
42 KB 201ms
198ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-20a3d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 19 Dec 2023 05:32:36 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 9007 3 KB
4 KB 6ms
4ms Script
application/javascript 2600:9000:20e4:5c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:5c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date: Mon, 18 Dec 2023 05:31:49 GMT
via: 1.1 b177f82492a9478517a157e74856e466.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 02:29:01 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 48
x-amz-server-side-encryption: AES256
etag: "13519f9e63c9828d93a698c47992e115"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3197
x-amz-cf-id: bJ2I6VP7dHoveEzeVArizuRaS0rQwXeUIcmqgku8g3fQpBrnorI8Og==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 9007 3 KB
4 KB 17ms
15ms Script
application/javascript 2600:9000:20e4:5c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:5c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date: Mon, 18 Dec 2023 05:32:12 GMT
via: 1.1 b177f82492a9478517a157e74856e466.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:50:04 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 25
x-amz-server-side-encryption: AES256
etag: "41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3470
x-amz-cf-id: MRpB242R9KyUVsnT1MHhXDwSCs31i395s62knRdPB8y0lVpzUm69RA==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 9007 3 KB
4 KB 6ms
5ms Script
application/javascript 2600:9000:20e4:5c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:5c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2650f0bf9347561322354447171981c0a052401f826695fec1281e29fa16c840

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: L_ytFJI.iZbA3Ys9mJ75ciLmXqmRfuVO
date: Mon, 18 Dec 2023 05:32:31 GMT
via: 1.1 b177f82492a9478517a157e74856e466.cloudfront.net (CloudFront)
last-modified: Thu, 14 Dec 2023 06:52:43 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 6
x-amz-server-side-encryption: AES256
etag: "21253aa5d7ee0c3b700ce5f1a4a1b4d1"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3446
x-amz-cf-id: -sYK_nM_gx53ZJG7YGBP3dY8k0pVywLl_EJIG1IPfBEkXrpeWEcvlw==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 9007 5 KB
6 KB 7ms
5ms Script
application/javascript 2600:9000:20e4:5c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:5c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date: Mon, 18 Dec 2023 05:32:09 GMT
via: 1.1 b177f82492a9478517a157e74856e466.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:15:25 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 28
x-amz-server-side-encryption: AES256
etag: "ec9ddd169f5fd01f28f9b31866cd4701"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5467
x-amz-cf-id: y6O6QviXFAYkphr90Nqu8RYFCN9siZXZeZpQJYzjKn8OUzWm_EcWhQ==

GET
H2 200 s.gif
r.popin.cc/ Frame 2619 35 B
186 B 7ms
5ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Freurl.cc%2FgaOWLp&uid=676d562047e6f33af4c1702845156169&type=pc_imp&nid=&media=reurl.cc&r5=cc_NONE&t=1702877556375&tz=tw
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
last-modified: Thu, 16 Sep 2021 06:17:57 GMT
server: nginx
etag: "6142e195-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ Frame 2619 66 B
222 B 4ms
3ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjQsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoicmV1cmwuY2MiLCJ1cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsImdlb19jb3VudHJ5IjoidHciLCJsb2dpZCI6IjFjNTcwODZkLTRhZjctNDViYS1iM2NmLTMwMDU4YzhiODRhZSIsInVpZCI6IjY3NmQ1NjIwNDdlNmYzM2FmNGMxNzAyODQ1MTU2MTY5IiwidGRfdGl0bGUiOiIiLCJjYXRlZ29yeSI6IiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2LCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEyMC4wLjYwOTkiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMTA5IFNhZmFyaS81MzcuMzYifQ==&t=1702877556375
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ Frame 2619 66 B
222 B 5ms
3ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo2LCJjaGFubmVsX2lkIjoiYmFubmVyLTN4MSIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoicmV1cmwuY2MiLCJ1cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsImdlb19jb3VudHJ5IjoidHciLCJsb2dpZCI6IjFjNTcwODZkLTRhZjctNDViYS1iM2NmLTMwMDU4YzhiODRhZSIsInVpZCI6IjY3NmQ1NjIwNDdlNmYzM2FmNGMxNzAyODQ1MTU2MTY5IiwidGRfdGl0bGUiOiIiLCJjYXRlZ29yeSI6IiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2LCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEyMC4wLjYwOTkiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMTA5IFNhZmFyaS81MzcuMzYifQ==&t=1702877556375
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 s.gif
r.popin.cc/ Frame 2619 35 B
186 B 7ms
5ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Freurl.cc%2FgaOWLp&uid=&type=pc_channel_imp&nid=&media=reurl.cc&r5=ch_banner-3x1&t=1702877556375&tz=tw
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
last-modified: Thu, 16 Sep 2021 06:17:57 GMT
server: nginx
etag: "6142e195-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 s.gif
r.popin.cc/ Frame 2619 35 B
186 B 7ms
6ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Freurl.cc%2FgaOWLp&uid=676d562047e6f33af4c1702845156169&type=pc_inview&nid=pc&media=reurl.cc&r5=cc_NONE&t=1702877556376&tz=tw
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
last-modified: Thu, 16 Sep 2021 06:17:57 GMT
server: nginx
etag: "6142e195-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ Frame 2619 66 B
222 B 5ms
3ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjMsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoicmV1cmwuY2MiLCJ1cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsImdlb19jb3VudHJ5IjoidHciLCJsb2dpZCI6IjFjNTcwODZkLTRhZjctNDViYS1iM2NmLTMwMDU4YzhiODRhZSIsInVpZCI6IjY3NmQ1NjIwNDdlNmYzM2FmNGMxNzAyODQ1MTU2MTY5IiwidGRfdGl0bGUiOiIiLCJjYXRlZ29yeSI6IiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2LCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEyMC4wLjYwOTkiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMTA5IFNhZmFyaS81MzcuMzYifQ==&t=1702877556376
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 discoverylogs
log.popin.cc/log/popin_media/ Frame 2619 66 B
222 B 5ms
4ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjUsImNoYW5uZWxfaWQiOiJiYW5uZXItM3gxIiwiYm94X3Bvc2l0aW9uIjoiaWZyYW1lIiwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJyZXVybC5jYyIsInVybCI6Imh0dHBzOi8vcmV1cmwuY2MvZ2FPV0xwIiwiZ2VvX2NvdW50cnkiOiJ0dyIsImxvZ2lkIjoiMWM1NzA4NmQtNGFmNy00NWJhLWIzY2YtMzAwNThjOGI4NGFlIiwidWlkIjoiNjc2ZDU2MjA0N2U2ZjMzYWY0YzE3MDI4NDUxNTYxNjkiLCJ0ZF90aXRsZSI6IiIsImNhdGVnb3J5IjoiIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjYsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiJ9&t=1702877556376
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H2 200 s.gif
r.popin.cc/ Frame 2619 35 B
186 B 7ms
6ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Freurl.cc%2FgaOWLp&uid=&type=pc_channel_inview&nid=pc&media=reurl.cc&r5=ch_banner-3x1&t=1702877556376&tz=tw
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
last-modified: Thu, 16 Sep 2021 06:17:57 GMT
server: nginx
etag: "6142e195-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 9007 0
171 B 210ms
69ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 18 Dec 2023 05:32:36 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 9007
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=skkpYvPRBsKx2grVdNl_ZQ

2 B
159 B

40ms
39ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=skkpYvPRBsKx2grVdNl_ZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Mon, 18 Dec 2023 05:32:36 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=skkpYvPRBsKx2grVdNl_ZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H3

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 9007
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=skkpYvPRBsKx2grVdNl_ZQ

2 B
20 B

37ms
37ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=skkpYvPRBsKx2grVdNl_ZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H3
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Mon, 18 Dec 2023 05:32:36 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=skkpYvPRBsKx2grVdNl_ZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H/1.1 200
OK 5c74cf4aef2a67478681d0ccde33d3f3.png
imageaws.popin.cc/ML/ Frame 2619 82 KB
82 KB 18ms
5ms Image
image/png 119.63.198.180
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageaws.popin.cc/ML/5c74cf4aef2a67478681d0ccde33d3f3.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 76a3a3d32ada8fa2670cfed44a4369ecbb3a9b5a9d0c9a3e433662e9e2704e60

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 18 Dec 2023 05:32:36 GMT
x-amz-version-id: 7YnD_tRL.Cjqu.klZGY0d4G74bfc_kFh
Cross-Origin-Embedder-Policy: require-corp
x-amz-server-side-encryption: AES256
X-Cache-Status: HIT from 10.252.44.28
x-amz-replication-status: REPLICA
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 83641
Last-Modified: Sun, 22 Oct 2023 19:06:30 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
ETag: "5c74cf4aef2a67478681d0ccde33d3f3"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Expires: Tue, 17 Dec 2024 05:32:36 GMT

GET
H/1.1 200
OK 495a0c1e4096d857afeaa112f12a1109.png
imageaws.popin.cc/ML/ Frame 2619 438 KB
438 KB 17ms
5ms Image
image/png 119.63.198.180
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageaws.popin.cc/ML/495a0c1e4096d857afeaa112f12a1109.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8fff025680eb6e87d0e77310f4275d22d16a4ce751e9c65aacf2f6c22d765f12

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 18 Dec 2023 05:32:36 GMT
x-amz-version-id: 3LoEHgpttKtF1vsjD38DGVr_Ss3M33o5
Cross-Origin-Embedder-Policy: require-corp
x-amz-server-side-encryption: AES256
X-Cache-Status: HIT from 10.252.43.28
x-amz-replication-status: REPLICA
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 448102
Last-Modified: Thu, 16 Nov 2023 08:24:11 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
ETag: "495a0c1e4096d857afeaa112f12a1109"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Expires: Tue, 17 Dec 2024 05:32:36 GMT

GET
H/1.1 200
OK 4e288557fa35311273a72b0d8c09434f.png
imageaws.popin.cc/ML/ Frame 2619 95 KB
96 KB 15ms
5ms Image
image/png 119.63.198.180
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imageaws.popin.cc/ML/4e288557fa35311273a72b0d8c09434f.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 40aed79d831ca199fbcea81abba4f9010006a8e1d28e1031b3b4d6e98a832db0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Mon, 18 Dec 2023 05:32:36 GMT
x-amz-version-id: RgvTCYN._HRdXuEUNDXFdHf5SSt6lpHz
Cross-Origin-Embedder-Policy: require-corp
x-amz-server-side-encryption: AES256
X-Cache-Status: HIT from 10.252.43.27
x-amz-replication-status: REPLICA
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 97215
Last-Modified: Thu, 16 Nov 2023 08:14:33 GMT
Server: nginx
Cross-Origin-Opener-Policy: same-origin
ETag: "4e288557fa35311273a72b0d8c09434f"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Expires: Tue, 17 Dec 2024 05:32:36 GMT

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 9007 0
168 B 237ms
81ms XHR
text/plain 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.003722604688236597
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-34.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://reurl.cc
Date: Mon, 18 Dec 2023 05:32:36 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 9007 13 KB
13 KB 3ms
3ms Script
application/javascript 2600:9000:20e4:5c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=756&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=4898-Nj9wJGmsnQ1E2Ndxn4bGf2z8A7QLIa9b&fp_uuid=4898-743eae0bb1f9d71daf6f48afba1ad897&initver=230627P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:5c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date: Mon, 18 Dec 2023 05:32:14 GMT
via: 1.1 b177f82492a9478517a157e74856e466.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:54:55 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 23
x-amz-server-side-encryption: AES256
etag: "dcf480340ca4b65dc9aa76bd9e677036"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 13033
x-amz-cf-id: 1MHzm2w3TiLZzXdKdUfj9cco-f25cKzFmMao5C4nvWmNhEC0d-crZA==

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 3327 37 B
408 B 75ms
75ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

6d1a269f3d581bea1047e7c4b220c25bb99e9a260cb8d199989895c6cc80721b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
DATA 200
OK truncated
/ Frame 3345 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2449912fd1c17116b0e83a0e75f63cdb99c921e4972ea58eaad49e9e9f048337

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3345 0
0 78ms
40ms Fetch
image/gif 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDEICOSylpsVm09RO2GTJVDPHflt7Np3pu1QgW8TefoO2UH_3LxzEXjPshEuoDSfpqvxupqyfQo9N64Ah6DSlMTi6XTpHWUaKZuLBoU3eiectb5EjhiKUAu6D-UHRSE6_jW8epfVqeAw3xZ3GjGhfuguOsw8RHjU47qk9Avtvx9zGBDJkrGx5mv-qml77DzkX5QWHV3AfEJ5-0xMGDfH3-_O-qWzKOHNc9URsOOy9r46nimDAwUxXZ2tvdzhUB3nDyFaNq2b1l6f0wTH_SZ1tmeNEvhDBO5JncNCdEyf7SIREFBwJ9suR1FdNCkEATW7gzdmHmRdDygO1z6qgK6TPfA_qGnSkOwlu5FzxSdvpoAu2zZaJwf4hMloyjQ1vsVQl2ni6BkDpC&sai=AMfl-YR-GycfaHKLmuEyzvmSUnQkAuTYJU7pYGZ_achMC7OKH8unNHfdPqPHufsIPFGwcvqRh_WkGJ3PEb57ECvPm7A3REonqefMsDBUliokNIrULKJVQMaNV0Fz05n75M03ElD77A2e3TVrKwtT6bjMrk65&sig=Cg0ArKJSzNsx7kb1yLhpEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 18 Dec 2023 05:32:36 GMT

GET
DATA 200
OK truncated
/ Frame 2619 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8da452887edee97bc6bafb28dc684778e09a6136c47f5832d72b1a0e3d7daf59

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2619 0
0 41ms
40ms Fetch
image/gif 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5enELdPBZru8jSX0OLmUjVHrJxSUhDbat6Cx4Bqe-WQeaOHsomowpqn9oZU500MFL5y2VAItS_YeVWul87mXdUafIqi6ENQXdXupRgWuG2luMYyfI7IYLjYFS1oi6GMEZiwkTvApdzdY2wCQi_pTSoyLdPTFlUN64DVjJlmWpnh4_WthALj4r2YXzY6k1C8-VC0A8ag3shEBySqo8zo9z1ddSIuagAuJWWfnmBU5UssSfDY85uQMb6BswsSAt9hi7sfLOMItggkdd7_rgGxxJQFm0tazGiMWhox9j25ayWILi4h_GxlZdsCMyYey13KmpwH9EAw4YSMVcHDZViClgyzsdtzihm0wg5G2WmBKTtr3cE91lcbnxRS86WA5zutB10QXwI_vWdA&sai=AMfl-YSajjaNeLoGzcTh_r84HIdSw6MEW0kCCcmppETcxFXOOp9EYnxDGF4KvCTsBzXxQFrRManPUVhcOGtiGj51-THJnWKIaMzRGQ0XtzvDD3F8Lk14BW2TbNpOJzF74qrUBRr8GodxfYXz4ssG62754J8&sig=Cg0ArKJSzLmEe-Kkk4yHEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 18 Dec 2023 05:32:36 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 9007 5 KB
3 KB 74ms
73ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Mon, 18 Dec 2023 05:42:36 GMT

GET
DATA 200
OK truncated
/ Frame 88F0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 763deff7b08a3986605affd1cfc0330ce63a88eb76964e57ff4aa37cb6c16d9e

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sid Show response
mug.criteo.com/ Frame E73C
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=lDw1HXx0QnBlOFdaNldMNmpXMXI2Z0dGK0Y5K2E0ajEyVE4xQ0IvVWxkaWtVbjc3aUFzR0xJYTdLb3BvaloyTmJCcVVKN0ZOZVdjVlNjcHJUeDdIT1ErbllZQjJTSGhNUDZIeW1xaDRWNm5pSURjZ3p5dW1rNXNIZW42ZV...

436 B
658 B

227ms
75ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=lDw1HXx0QnBlOFdaNldMNmpXMXI2Z0dGK0Y5K2E0ajEyVE4xQ0IvVWxkaWtVbjc3aUFzR0xJYTdLb3BvaloyTmJCcVVKN0ZOZVdjVlNjcHJUeDdIT1ErbllZQjJTSGhNUDZIeW1xaDRWNm5pSURjZ3p5dW1rNXNIZW42ZVN6cmYrZENyV25sWXE5NTFERGF2YVpFYzBZQngwVUhjeFp4Y2QyQUo4WURuMXNiRUJoUHBUdzMvZ1M0b0YxbUlGOVhDQnRBVzBRTFJPcnBXTHBONVpXeFVUTzcrZUN0M2F6YXNlVlVRMkhPQ1VQb1dzN0JFaXlKSmdqS0tIVUNOcHdzdGFuaDZJNzdqNC9BOFRmbUo4ZXNNUFVUT2RvZz09fA&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

32b55dda4206f7b00cd8ac1a899b3285755be0d7a402c3a7061b9773931cf708

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:36 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 681309
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:36 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=lDw1HXx0QnBlOFdaNldMNmpXMXI2Z0dGK0Y5K2E0ajEyVE4xQ0IvVWxkaWtVbjc3aUFzR0xJYTdLb3BvaloyTmJCcVVKN0ZOZVdjVlNjcHJUeDdIT1ErbllZQjJTSGhNUDZIeW1xaDRWNm5pSURjZ3p5dW1rNXNIZW42ZVN6cmYrZENyV25sWXE5NTFERGF2YVpFYzBZQngwVUhjeFp4Y2QyQUo4WURuMXNiRUJoUHBUdzMvZ1M0b0YxbUlGOVhDQnRBVzBRTFJPcnBXTHBONVpXeFVUTzcrZUN0M2F6YXNlVlVRMkhPQ1VQb1dzN0JFaXlKSmdqS0tIVUNOcHdzdGFuaDZJNzdqNC9BOFRmbUo4ZXNNUFVUT2RvZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 244820
content-length: 0
expires: 0

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 37ms
37ms Preflight
text/html 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CGzGrc9l_ZcygJrSDid4PgMuu2Ayg5rzPdL3-1sqAEmQQASDSzIEaYInzxYT0E6AB6OzP-ynIAQmpAvjXiXbeNj4-4AIAqAMByAPLBKoErwJP0DXMiD2SATE94yePfHHc2OAsLejMvdGo51u-vQgzTzEQqttMyUvLzMRJdyDQv0AeWClQWNK5WPPot3ISR7wdHqzWFSS5Mzi9_BW78M8GfBYMIha3NON5oBXM46MOhPdd6_d0BcjbVV5ZdBab6HFu60UeVk5MGtItkpP7diwUBDWproAkFHFTEBpGoy-8-JY7KBYXS_MQwFgsQuSMvo15Xcyj7pYiUQj3HjZyQfyETiOR8fz1WYuUIlxzfjuo22W6Q4EWnRrjaty5RYmmRkNg62niM-Wlglq-72eOe9JxXFQ0UGfAll3SubgObxVAWspIdR7xqBizQeB0rGA8GRzOtqor5xgCRjV_7HB1Q3NBrf96HSWEZz5R_rGfuvVwLGgL7jh7RLHig4e0I7obi3fABO3Nx7HFBOAEAYgFoZHiiUySBQQIBBgBkgUECAUYBKAGLoAH6KSg2wSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCKiAjSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WPa5sJ6hmIMDmglxaHR0cHM6Ly9zc3cud2ViLmRvY29tby5uZS5qcC9rYXpva3VjcC9pbmRleC5odG1sP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y29udGVudCZ1dG1fY2FtcGFpZ249Y3AyMDIzMTFrYXpva3WACgPICwGYDNu5usHEBKIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQLaDBAKChCgovX68rzSlDcSAgED4g0TCMrysJ6hmIMDFbRBwgUdgKULy7gTgwTYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=pd1GNo65tss&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_ScRk7xSjHIfA_afKyW4LqrQ-e3_ahlHxyS3dP9yQJuqn2bOhNeWyqGayZg4B7lbEVUriXgM0nkWwj9zSycPBcNfK8zZCi2UxfxgB&template_id=515&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 18 Dec 2023 05:32:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 731F
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CGzGrc9l_ZcygJrSDid4PgMuu2Ayg5rzPdL3-1sqAEmQQASDSzIEaYInzxYT0E6AB6OzP-ynIAQmpAvjXiXbeNj4-4AIAqAMByAPLBKoErwJP0DXMiD2SATE94yePfHHc2OAsLejMvdGo...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2b14da62c48346fe0000000000000000%22,%222%22:%220x7eb123cd99b1a8fd0000000000000000%22,%223%22:%220xcf4064...

0
0

79ms
39ms

Fetch
text/css

142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2b14da62c48346fe0000000000000000%22,%222%22:%220x7eb123cd99b1a8fd0000000000000000%22,%223%22:%220xcf40649c46143c090000000000000000%22,%224%22:%220xb40c637095a998160000000000000000%22,%225%22:%220x8529ec895af925160000000000000000%22},%22debug_key%22:%224434555828204882017%22,%22debug_reporting%22:true,%22destination%22:%22https://docomo.ne.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211265111656%22],%2222%22:[%22true%22],%224%22:[%2212-18%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217176652732329614609%22}&andc=true

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x2b14da62c48346fe0000000000000000","2":"0x7eb123cd99b1a8fd0000000000000000","3":"0xcf40649c46143c090000000000000000","4":"0xb40c637095a998160000000000000000","5":"0x8529ec895af925160000000000000000"},"debug_key":"4434555828204882017","debug_reporting":true,"destination":"https://docomo.ne.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11265111656"],"22":["true"],"4":["12-18"],"6":["true"]},"priority":"500","source_event_id":"17176652732329614609"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 18 Dec 2023 05:32:36 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 18 Dec 2023 05:32:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x2b14da62c48346fe0000000000000000","2":"0x7eb123cd99b1a8fd0000000000000000","3":"0xcf40649c46143c090000000000000000","4":"0xb40c637095a998160000000000000000","5":"0x8529ec895af925160000000000000000"},"debug_key":"4434555828204882017","debug_reporting":true,"destination":"https://docomo.ne.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11265111656"],"22":["true"],"4":["12-18"],"6":["true"]},"priority":"500","source_event_id":"17176652732329614609"}&andc=true
access-control-allow-origin: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 font
fonts.gstatic.com/l/ Frame 731F 31 KB
31 KB 48ms
5ms Font
text/html 2404:6800:4004:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxrs03dKt9ss9lHyLBp5NTWzW0EYgj_2pibcw92Cv-32HvqZJEDW7D3sXd_46VvxthFZrckFTX8cWDNo-aIin8eQDPEX3tlMolv3shlkoZR1pm7H4p4Y_-8Um_5-AkZFUaFqxbpah97qXh06_QlZD1dG4rMi_ctvU7XiwLVdGNynPYAS9cp50BZvfigjQlCuzwN5-btV6eL9kQ-rgfzrajzDZDN-MwK5jmwrCYCQeBqINNb_ZjepnTTGyOwI1yMnfgoR3RW5HNIXiEglRYOgtlHtxet7iKkcfCKJ0GlQWBLAA9gdlih9BUe-&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E3%82%8A%E3%83%AB%EF%BC%AB%E5%A4%A7%EF%BD%9E%E9%99%90%E3%83%A7%E5%93%81%E3%83%831%E4%B8%81%E6%9C%9F%E3%83%9A%E3%81%B9%E5%8F%97%E7%94%BA9%E4%BA%95%EF%BC%91%E3%83%93%E9%9A%8E%E3%81%91%E9%96%8B%E8%88%97%E3%83%B3%E9%85%8D%20%2F%E5%89%B2%E5%8F%96%E3%82%93%E3%83%89%E3%82%B7%E7%9B%AE%E3%83%A2%E5%AE%85%E3%81%8B%E3%83%94%E5%86%85%E3%82%B0%E3%81%8F%E5%B7%9D%E3%82%B3%E2%88%92%E5%AE%9A%E5%9C%9F%EF%BC%94%E5%88%86%E9%96%93%E5%8F%AF%EF%BC%8D%E3%83%97%E3%83%A3%EF%BC%93%E3%82%AD0%E6%99%82%E6%97%8F%E5%8C%BA%E5%BA%97%E5%9C%B0%E5%AE%B6%E3%83%BC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

618ab940b496abecf63177b5fc1c0b45efa9de6fc899bde4077ed1eef9843067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 07:23:52 GMT
x-content-type-options: nosniff
age: 79724
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31456
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Sun, 17 Dec 2023 07:23:52 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 9007 0
187 B 423ms
143ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=145&profileId=184&cb=84785618103

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 18 Dec 2023 05:32:36 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 9007 36 B
400 B 75ms
75ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

8b9334d3e4b19d2536c0822f0f208bb724d0b3ae8ed74d6236e90818f1039d7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 Live_Streaming.js Show response
cdn.holmesmind.com/js/modle/ Frame 9007 40 KB
40 KB 4ms
4ms Script
application/javascript 2600:9000:20e4:5c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:5c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c73f2b03af16458ad905f45a098d8861ec7b0a2480387a59195b4465aca25d02

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: X_aLocCqsmqPAx2U1E3_4JQDn3OISwiD
date: Mon, 18 Dec 2023 05:31:51 GMT
via: 1.1 b177f82492a9478517a157e74856e466.cloudfront.net (CloudFront)
last-modified: Fri, 25 Aug 2023 06:48:46 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 46
x-amz-server-side-encryption: AES256
etag: "d51f4efc881ddc4b5200ee509878d138"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 40584
x-amz-cf-id: vPh7ixgWK0QX1oDZ07O72afDSk75SzvcvU2scSixf9q7g657UODJHg==

GET
H2 200 cf.png
cdn.holmesmind.com/ Frame 9007 2 KB
3 KB 5ms
5ms Image
image/png 2600:9000:20e4:5c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/cf.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:5c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bca7ee31fc622c935a1ba3d3d012111f3aab926dc898ed011513fc7a9145f90e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: JXDsYp0MpCsC07xlgs6M6Edv23lP_HUM
date: Sun, 17 Dec 2023 18:55:58 GMT
via: 1.1 b177f82492a9478517a157e74856e466.cloudfront.net (CloudFront)
last-modified: Mon, 19 Jun 2023 03:09:39 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 38199
x-amz-server-side-encryption: AES256
etag: "7cb0cc414e01c6f48a9eefee02d81959"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2399
x-amz-cf-id: Deb7J15AeDIYgOsCd6Wd2UdZovgWIGri0mC-tp-xhTshXSi8P-OenA==

GET
H2 200 c6fefdd77d017860676055a778536143.jpg
cdn.holmesmind.com/image/23269/ Frame E041 7 KB
8 KB 4ms
3ms Image
image/jpeg 2600:9000:20e4:5c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/image/23269/c6fefdd77d017860676055a778536143.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:5c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b51c49d428fa8463f46232048c405279e9ef08761bec2d8ca652a5b6f8ca20

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 04:03:07 GMT
x-amz-version-id: S4lAU9WyV.xKrlPlXcujDDhuqfTps3Zf
via: 1.1 b177f82492a9478517a157e74856e466.cloudfront.net (CloudFront)
last-modified: Mon, 18 Dec 2023 02:24:41 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 5370
etag: "6fbe14bd963f126112a0324ee74c37ad"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 7314
x-amz-cf-id: qWiEi2xS7w2_8HwJWJ1AypFzci-2MOGhrJXDf8199FwUgW2wTE6Efw==

GET
H2 200 ade-tracker.js Show response
cdn.holmesmind.com/js/modle/ade/ Frame E041 2 KB
2 KB 4ms
3ms Script
application/javascript 2600:9000:20e4:5c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/ade/ade-tracker.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:5c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: e6irG_P5F2jdCF9fNky2jWkkhxNctdGx
date: Mon, 18 Dec 2023 05:31:51 GMT
via: 1.1 b177f82492a9478517a157e74856e466.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jul 2023 03:26:15 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 46
x-amz-server-side-encryption: AES256
etag: "cc88de770769cdecaa524a5801120c78"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1646
x-amz-cf-id: o_U5wguekdMkU-n_rlEryNOtSZ0du6CYa-Jqt3pe6M6fOX1hEv5PAQ==

GET
H2 200 v_sdk.js Show response
cdn.holmesmind.com/js/modle/v/ Frame E041 192 B
592 B 5ms
4ms Script
application/javascript 2600:9000:20e4:5c00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/v/v_sdk.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:5c00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7490c495bc701b5f3c822f76f18d9f9842e4c3578b4c8e74937ce49a1ca75546

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id: wsgDAt6n73AfbveX4G1Vz0rAUst7spYk
date: Mon, 18 Dec 2023 05:31:51 GMT
via: 1.1 b177f82492a9478517a157e74856e466.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jul 2023 03:26:17 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 46
x-amz-server-side-encryption: AES256
etag: "8644272abfaa44219b2ed3d118b43dbc"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 192
x-amz-cf-id: pAB_0KVCQicBnYJmM31iSmv9EFx1fOljUKMjChok0NZNke7TXYSosA==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame E041 3 KB
2 KB 3ms
2ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fd4143155d1e1deff187f0c29ac40fd4051c74a647905cdb702f85a7cff2d4a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 18 Dec 2023 05:32:36 GMT
content-md5: w1eSkzJjTS3M8eD8NwdFzQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1681
reporting-endpoints
x-fb-debug: ZArPRg2HsbYgyhAHmKBmnaMQ42A15oK+8E3BQhNm9rx5xEBkj1mQYTzovtTxS2n1pjMmlX2KQVbWafB6M+9lsA==
x-fb-content-md5: aa9d236f7ac4ee03465c491664483827
cross-origin-opener-policy: same-origin-allow-popups
etag: "2f71d42cd5cd1097157250b179968996"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Mon, 18 Dec 2023 05:33:20 GMT

GET
H2 200 i
ad.holmesmind.com/adserver/ Frame 9007 0
77 B 9ms
8ms Image
image/png 18.182.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.holmesmind.com/adserver/i?ut=1702877556&p=14210:108293:204183:224ba2158469941ce4b60f1049851ae9:23269
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/png
date: Mon, 18 Dec 2023 05:32:36 GMT
server: nginx/1.14.0 (Ubuntu)

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame E041 297 KB
85 KB 3ms
3ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=7bb1febfa6ceeeedae63c356bbe811ed

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

305e5ee74b4f4ab99fd3696506c89d761bbee5fe0a62ecfa595fb7c2b82bfe8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://reurl.cc/gaOWLp
Origin: https://reurl.cc
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 18 Dec 2023 05:32:36 GMT
content-md5: bAQG724Nm+Hx+9sQfQtt8w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 86868
reporting-endpoints
x-fb-debug: REYiLod9Cl//mu7Y8DsFlRl+vvQ/9NB5Db+0Z0ngcBvW9XrDVPaIJECh+2vOC9rShu0HIVtQa7JcKi7aFkVhlw==
x-fb-content-md5: 4ebf4f9105ab7a7c9fa2a9d8abd856a6
cross-origin-opener-policy: same-origin-allow-popups
etag: "28fea8d83c0d9eab8775fe5c821bce7b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 17 Dec 2024 03:34:34 GMT

GET
H2 200 gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response
pagead2.googlesyndication.com/bg/ Frame ABC2 50 KB
20 KB 46ms
3ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 12:57:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 232528
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19632
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Dec 2024 12:57:08 GMT

GET
H3 200 video.php Show response
www.facebook.com/v3.2/plugins/ Frame CFBC 164 KB
42 KB 395ms
395ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df799ebc75c7c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff166f6906b0ab0c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1516335185853834&locale=en_US&sdk=joey&show_text=false&width=280

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=7bb1febfa6ceeeedae63c356bbe811ed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4213eb89ec58028238b025133974c6b52940606a347dec040f6de37193438cd3

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 05:32:37 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), xr-spatial-tracking=()
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: az+5G9oIqAHuWhSPPBb8m2Airkh+mM7N2cDNSnZFmA+rtnrlzHNuScrx3+uyxZY3FUU3WWGd4qtLKnOrbRNcEg==
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 85ms
39ms Preflight
text/html 142.251.222.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s71-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 18 Dec 2023 05:32:36 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 9007 30 B
271 B 76ms
76ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=deb1daf6-d32d-4826-aecc-d52b6f5b2ac1

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 3 KB
2 KB 192ms
175ms XHR
application/json 143.204.86.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1250&wid=7942&cb=5082.699099257262&pid=5434&url=https%3A%2F%2Freurl.cc%2FgaOWLp
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-129.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: 8669a7a9bcc5559033b145d090ffa93590b711bf68dba036b818ed3584ee516b

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:36 GMT
content-encoding: gzip
via: 1.1 409082e9caee4a1cdc1a950363f5172c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: NRT12-C2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: DXmopitBAYIKIWZ7LYUozFigfAQjB5sxPiPwi5-yUquHBaiHBJAARg==

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 3327 0
194 B 76ms
75ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=undefined&mp=deb1daf6-d32d-4826-aecc-d52b6f5b2ac1

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:37 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
deb1daf6-d32d-4826-aecc-d52b6f5b2ac1.t.ssp.hinet.net/ Frame 3327 0
79 B 117ms
73ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://deb1daf6-d32d-4826-aecc-d52b6f5b2ac1.t.ssp.hinet.net/pixel?bd=deb1daf6-d32d-4826-aecc-d52b6f5b2ac1&t=cf&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:37 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H2 200 float.js Show response
s.trvdp.com/scripts/v5.832/ 469 KB
139 KB 20ms
5ms Script
application/javascript 13.32.50.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.832/float.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.50.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-50-110.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 08:09:30 GMT
content-encoding: gzip
via: 1.1 cbeb24fadb75eda03a7b228ef184642e.cloudfront.net (CloudFront)
last-modified: Sun, 15 Oct 2023 15:13:28 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 2236988
etag: W/"ae8e71eddcd185d49d5b9a8ef8a2ef6a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: kjOqEUuOpjBJGgWPgz6gr4VMYmObdgMrRzVJ2e8XjGwnqG1a3X761Q==

GET
H/1.1 200
OK cors Show response
rt.ad-score.com/score/ 52 B
595 B 808ms
203ms XHR
text/plain 35.208.216.174
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=reurl.cc&l1=7942&l2=reurl.cc&l3=JP&l4=desktop&l5=5.832&cb=0.4025056259210176
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 35.208.216.174 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 174.216.208.35.bc.googleusercontent.com
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Dec 2023 05:32:37 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://reurl.cc
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 52

POST
H2 204 events
bidder.criteo.com/csm/ Frame 9007 0
186 B 139ms
139ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Mon, 18 Dec 2023 05:32:36 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 9007 43 B
365 B 144ms
143ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:37 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 12 Dec 2024 05:32:37 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 9007 43 B
365 B 148ms
147ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:37 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Thu, 12 Dec 2024 05:32:37 GMT

GET
H3 200 Dg4-W-_V1rh.css
static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/ Frame CFBC 582 KB
141 KB 17ms
15ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/Dg4-W-_V1rh.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df799ebc75c7c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff166f6906b0ab0c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1516335185853834&locale=en_US&sdk=joey&show_text=false&width=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

219ce50e75e1de2a6e4faba77f3d2bb962c6357c3ce5d3da11f364b1ff93ef1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: tlaR2D+0wPkgoMjQpsNvLA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 143934
reporting-endpoints
x-fb-debug: 5fclg94fPHgMo+50Ux54OIx+J5N55zJCEF7i9TP4liYFCUvwqMovMU5b+lRySf6oC6GLi4Nzcpt76yrLwtleQQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=0
expires: Sun, 15 Dec 2024 05:12:39 GMT

GET
H3 200 Qfo55ay3XFG.css
static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/ Frame CFBC 29 KB
7 KB 10ms
8ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/Qfo55ay3XFG.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b6fe6101ff12f786ff956ba29a5b1d1e3264c7769ffceb85d733b4c7986e6b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: iFoyUyk7Swig89SScjaqMQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7084
reporting-endpoints
x-fb-debug: +D4BxC2i1rUFRSMGo5VTin8Lw1LmS1w9IzCf9N7bv51JyCx431OK0RUSKZEz8xlWADr6n/Of4Ak9Bqr+/4t8zA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=0
expires: Thu, 12 Dec 2024 17:06:27 GMT

GET
H3 200 V1vOOFer-BX.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame CFBC 355 KB
92 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

057c2344e0b50b00e1c724d669039ec2dcecc2bef96306e592d6796e79a427e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: He/ZPngiBUSATczmfQDoQw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93947
reporting-endpoints
x-fb-debug: 29PqocqqqQC0gP2WaTgXm8NyNuh9zMcFIdHRAvJgaMYp/U8AgSSIrID8uxWrHL+GHg11RESp9sPFJVn64LqqIQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sun, 15 Dec 2024 19:36:39 GMT

GET
H3 200 IVj8Uh3KNzL.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/yG/l/en_US/ Frame CFBC 89 KB
25 KB 11ms
10ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yG/l/en_US/IVj8Uh3KNzL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8b58ff2331975a9f1e2ee2aebed2a9926ce3f395157d71d278ca304ff144be6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: SbhC0G90O5iNFKSOxTWXcw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25585
reporting-endpoints
x-fb-debug: uihWGqYWnukiVwVvgeUNdd0pASeklhQRdo9wUQysgwoOPuFk3euGhHIa+C6+rrvHRTMUsumhzeTNLJ3iFA2woQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Wed, 11 Dec 2024 19:33:44 GMT

GET
H3 200 K_LhFRwFxzn.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAUQ4/yU/l/en_US/ Frame CFBC 792 KB
192 KB 13ms
11ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAUQ4/yU/l/en_US/K_LhFRwFxzn.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5902e6bdf3a3663195d0adce8d18459c21395c665c760f6c87d0b7102a37d701

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9jfC4UWqrUUgvzLtjQChLQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 196645
reporting-endpoints
x-fb-debug: api3lGsAwwZetgNkpNgwSSrMJCl0kzPPxJzG+fomI0l7j6PTrEUrp57Zo16/RhnqfQmlLiSpcd7Na1ofGddnhQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sun, 15 Dec 2024 17:58:16 GMT

GET
H3 200 YHZQHQa4ATZ.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/yD/l/en_US/ Frame CFBC 199 KB
51 KB 24ms
22ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yD/l/en_US/YHZQHQa4ATZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d6ab43adeab6b719e914094b0be273cd1269de2163db381faaf082b7020313a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 54jaGwpZqbTjN51QNXYf0w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 51882
reporting-endpoints
x-fb-debug: R0aGNXThPDWKbTa7iX0ghAuN0fT48SLpNVsi0+Og3ETK1oSpsKGpKbBM42h251vqMeNO+9b04BclmfQxpQj8rw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sun, 15 Dec 2024 17:58:16 GMT

GET
H3 200 UvFG0JbY3sF.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yT/r/ Frame CFBC 4 KB
2 KB 27ms
26ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/UvFG0JbY3sF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

af8e109b70edc18a51287def8c671a89514ecad3ad8b637bb4c400c0b6dc5092

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pkXkEd3imy1jVasKtt8lew==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1808
reporting-endpoints
x-fb-debug: YdsDAkNkUZTvbr8EKbe5M1FADB3EXjloTwSn2p8ZnwMG4W9v64l9l8j0yYKRrIgWak+bL2ETJW80MAddlvKhZg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Mon, 16 Dec 2024 16:06:25 GMT

GET
H3 200 4r8pcxnOs4K.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame CFBC 3 KB
1 KB 27ms
26ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/4r8pcxnOs4K.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1ba731fa9f8276454a29bbb9afbf4595fa066f08935a762beceecc4749f90d5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GBf95XiiHK2guhZn2p/rAQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1277
reporting-endpoints
x-fb-debug: evrIiXhf0UgM3IhAevRfnXIfHWjyXv+gM8xCsPJ76f2F8NVOhvb/cRd7IqXdlWMIx2XXekVv8mQESEpoAJ0B8Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 12 Dec 2024 21:47:43 GMT

GET
H3 200 Qm0gxk6gADG.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame CFBC 395 KB
86 KB 28ms
26ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/Qm0gxk6gADG.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c55318da1b9fcd6c0ae6f60aec23328dd22b14ebeb49f3a6d3daf790c70883c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: aKzeDyIgRfOTfOXWYWFehQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87939
reporting-endpoints
x-fb-debug: r8RyGDMf5T69/6gARHGETCQvd9f6BIPqWUKSyWb3DI84M1DHRUoVmxb/h1MYSAZvpPGrMRICgqEBxVeqp8V2vw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Tue, 10 Dec 2024 21:47:47 GMT

GET
H3 200 txOqg2OLFSi.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yc/r/ Frame CFBC 2 KB
1 KB 32ms
31ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yc/r/txOqg2OLFSi.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0c1c5653f9b6761b304fd2c8d00c742b1716a952495570da5d4a7fa391a3c52a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 98UG6w+kXf7l+gPHWouZxA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 977
reporting-endpoints
x-fb-debug: pG6yEXAvwyzlM/fGC+vOynq0ItdYHlf/8bt7YNj5dYB6bISpv0X/PJtCHqJsLXRZv1IqEk4MYCKGFyY7zUqDgg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sun, 15 Dec 2024 17:58:16 GMT

GET
H3 200 QSIYt_TnzX3.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yP/r/ Frame CFBC 32 KB
10 KB 32ms
31ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yP/r/QSIYt_TnzX3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

879aa623313c8e434ee5dedd776e9928738fd4bd34b1b8d6256ec62cff6b3d38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 8vCFhxSNHGZdUirfFyxHNQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10365
reporting-endpoints
x-fb-debug: OqCxrzFr9e0HTJZU33a5aOd+0ByhNtLRuyniu5ncNzcjq5aTfBP7B8wDJjPqXuNsVdXUBOiyMLdATficiuGBnw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sun, 15 Dec 2024 03:22:21 GMT

GET
H2 200 411734290_264564646302547_7798783340353300386_n.jpg
scontent-fco2-1.xx.fbcdn.net/v/t15.5256-10/ Frame CFBC 20 KB
21 KB 333ms
329ms Image
image/jpeg 2a03:2880:f06f:0:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fco2-1.xx.fbcdn.net/v/t15.5256-10/411734290_264564646302547_7798783340353300386_n.jpg?stp=dst-jpg_p280x280&_nc_cat=102&ccb=1-7&_nc_sid=869369&_nc_ohc=AKMfGzQGRyEAX_ax-gQ&_nc_ht=scontent-fco2-1.xx&edm=AOJO4v8EAAAA&oh=00_AfAnf5zdMHlDbYxyud_FvfNr8hog1WWJAPpqiy1iw0h62Q&oe=658562A8
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df799ebc75c7c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff166f6906b0ab0c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1516335185853834&locale=en_US&sdk=joey&show_text=false&width=280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f06f:0:face:b00c:0:3 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 73cd887838e31624c8094246f51f8a5fdbae518eed42150ecb1c3e8192977297

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:37 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 18 Dec 2023 05:32:29 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3533423217
thrift_fmhk: GBAFIcY2S6gFBnbq9MR+qJbfFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: qI2w0W24qvqlAm1Aplf5eysqhtz9shcN7iB1II6b6Go3wn5P_-mK_Q2qfY4Dfa_tzO-d6STOZzs0sTXDfTSbPLT2LIUUIieQQmopjo8rqJU23X0owsP6zzDTUuyYbqmZ
cross-origin-resource-policy: cross-origin
x-needle-checksum: 360539620
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 20897

GET
H2 200 327240869_3055532101410791_2826010206684567699_n.jpg
scontent-fco2-1.xx.fbcdn.net/v/t39.30808-1/ Frame CFBC 1 KB
1 KB 248ms
245ms Image
image/jpeg 2a03:2880:f06f:0:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fco2-1.xx.fbcdn.net/v/t39.30808-1/327240869_3055532101410791_2826010206684567699_n.jpg?stp=cp0_dst-jpg_p74x74&_nc_cat=1&ccb=1-7&_nc_sid=4da83f&_nc_ohc=hF2VR6cH-s0AX9_r3YA&_nc_ht=scontent-fco2-1.xx&edm=AOJO4v8EAAAA&oh=00_AfAU9oHzs4YcNVOV4zrTbM73fbuiqI9hTtpBxg_rFrl6Ng&oe=65841BFD
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df799ebc75c7c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff166f6906b0ab0c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1516335185853834&locale=en_US&sdk=joey&show_text=false&width=280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f06f:0:face:b00c:0:3 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4b0d105254d128c213222b1622a49b34a17835b5b9ab56dfd8264cb15855d688

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:37 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 25 Jan 2023 22:37:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=89536745
thrift_fmhk: GBDs7F8wsxQzv28SgTKBIIQ+FfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1375935555
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1112

GET
H3 200 vwOUmvzU_7P.png
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame CFBC 4 KB
4 KB 8ms
8ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/vwOUmvzU_7P.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/Dg4-W-_V1rh.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3a4fda7b449ddfa3b11ceb4c715c4c2f042e2cc1949701deb1fb8098d02b9b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y_/l/0,cross/Dg4-W-_V1rh.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:37 GMT
x-content-type-options: nosniff
content-md5: 9RIU8QDS6FQcM7h01mnrGg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4152
reporting-endpoints
x-fb-debug: 2w8abLVp5z72hraxbTjqDG65oeO3g3sfG5ePa2Q69sUEI2g1psLKrV+swN3ONBse2QRKFhCH1zOqX0MYgUSCxg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 12 Dec 2024 20:18:16 GMT

GET
H2 200 327240869_3055532101410791_2826010206684567699_n.jpg
scontent-fco2-1.xx.fbcdn.net/v/t39.30808-1/ Frame CFBC 856 B
933 B 515ms
514ms Image
image/jpeg 2a03:2880:f06f:0:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-fco2-1.xx.fbcdn.net/v/t39.30808-1/327240869_3055532101410791_2826010206684567699_n.jpg?stp=cp0_dst-jpg_p40x40&_nc_cat=1&ccb=1-7&_nc_sid=4da83f&_nc_ohc=hF2VR6cH-s0AX9_r3YA&_nc_ht=scontent-fco2-1.xx&edm=AOJO4v8EAAAA&oh=00_AfCDT_nlaamDYqpxp2UrvhkkUGDY7O_w_-UwQdz_1sNYpg&oe=65841BFD
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df799ebc75c7c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff166f6906b0ab0c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1516335185853834&locale=en_US&sdk=joey&show_text=false&width=280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f06f:0:face:b00c:0:3 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6f41f6fec89f59770abb2f36009d7539462b12a7b668bb5a263804876b437f15

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:37 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 25 Jan 2023 22:37:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2405546302
thrift_fmhk: GBDs7F8wsxQzv28SgTKBIIQ+FfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1375935555
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 856

GET
H3 200 fp.min.js Show response
ecs.tagtoo.co/js/ Frame 2619 31 KB
13 KB 3ms
3ms Script
text/javascript 34.102.218.41
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ecs.tagtoo.co/js/fp.min.js
Requested by: Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/unitrack.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 41.218.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:31:33 GMT
content-encoding: gzip
age: 64
x-guploader-uploadid: ABPtcPqkBK_qC0mjRYI-jkA2Uh1ul0nnE2SABkxK4gmQcYce2FP8j51oz5lRUJVpVDhCISqfN6f0Sw4Ck2s3BB64kmSbmg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12950
last-modified: Thu, 16 Sep 2021 09:25:47 GMT
server: UploadServer
etag: "5d9159073c44e4858b07d4445a1adceb"
vary: Accept-Encoding
x-goog-generation: 1631784347603860
x-goog-hash: crc32c=paC+Ww==, md5=XZFZBzxE5IWLB9REWhrc6w==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Access-Control-Allow-Origin
cache-control: public, max-age=300
x-goog-stored-content-length: 12950
accept-ranges: bytes
content-type: text/javascript; charset=utf-8
expires: Mon, 18 Dec 2023 05:36:33 GMT

GET
H3 200 bnB_pZEh8E_.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame CFBC 22 KB
7 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/bnB_pZEh8E_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f7b2294c8a106daf035e283f661f1009c2474083de4afebc3f4d9f253bb5793e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4b5j4MBsuf9eZFbQrBCDVQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7038
reporting-endpoints
x-fb-debug: 5uYSqKnFogzCS5cRmmwIxjrvdSPkBNPNfpSfCKvc7v+z0/dTOpCQG7khdeQt/FgPFtLTqXj+8ouVorjBXipiIw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Wed, 11 Dec 2024 18:40:12 GMT

GET
H3 200 naP_5qRcO2f.js Show response
static.xx.fbcdn.net/rsrc.php/v3iyB-4/yK/l/en_US/ Frame CFBC 724 KB
158 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iyB-4/yK/l/en_US/naP_5qRcO2f.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c9bf88d0671d2785fda04b7cd56f96cae892990e5369e2b64e8592da49ade7ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Jz+vGnfYKZzk1siDsJlVLg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 161935
reporting-endpoints
x-fb-debug: fKghKsBnJBfkEZeXao0b7csnz/rH9KHYYmhQzeOoa6bENLOMGohzwe/SSfTOp8TyMVvOwi0orOpVuhTMTHmeHQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sun, 15 Dec 2024 17:58:16 GMT

GET
H3 200 wr6Yf_IUFqq.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame CFBC 3 KB
1 KB 12ms
11ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/wr6Yf_IUFqq.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bb24505f8583fd1494a1ad4708fbe077cddeba45275b8ba55a37f28bca63ec92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Zuf3Z75OmVQ5gQhrKF3J0w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1100
reporting-endpoints
x-fb-debug: vKXptc0vGCB43tYPFnent4j31TdfY6CbQzLJ4BzlnjE3l1EOrSd7h4xbFkLOwdamDARj9hNS47NrLcJb5qIpkg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sun, 15 Dec 2024 17:58:17 GMT

GET
H3 200 HzxD9aAXSyD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame CFBC 55 KB
15 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oRcNmPqvdkv3ysBSBC5rSQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15157
reporting-endpoints
x-fb-debug: E7HEf7GE1ouopcherERCdwAkmePXk9XADW+70gW4hvK1MnxHRafsiahYIKBQckTmsCVot1DjzSp1e5hRD+1m9A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Tue, 03 Dec 2024 22:48:21 GMT

GET
H3 200 9NTUPK_dvJM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame CFBC 351 KB
68 KB 12ms
11ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

927ff4d5d675f1e306c5945678dfb739e6cde892628b2992de973ed09566d237

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Unsd2Uw6lhPL+K/mZmoZOA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 69664
reporting-endpoints
x-fb-debug: 0sFp84q7uQi3QbTElrf/8+bz2bn26hqATnDV5Q0FpMGFDeUB7x7X0Rn0ZHxs+Mb8JCFORx46r/2zYNH3feZ0jA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sun, 15 Dec 2024 00:43:56 GMT

GET
H3 200 Xa-kykSxUdE.css
static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/ Frame CFBC 32 KB
7 KB 7ms
7ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/Xa-kykSxUdE.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3271eecca15405b948944596894209cfc44ced3b8e5e840a5cd6d01b1a31d5ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: YWU4cGhOfIeDPjaHviTsqQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6714
reporting-endpoints
x-fb-debug: yKKMXtcMEaODxZm9BV/FDKHIugvriOmtOkJdOE0BY7a1YJ5raoqxyigcm7GYTUDkzXK6nly719vcD7OiDYnN0w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=0
expires: Tue, 10 Dec 2024 22:57:33 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0744 42 B
289 B 45ms
42ms Image
image/gif 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzkBNJW2s3sMbdX0D60tYH_FlZc36pGEm6zxf3wXAjJclIVoh9mU5JvsfpK6FTgveWnlf9drFd-5-t49QwzrT7wlW4FgobAgh5mcDy4NaJyjcwtEZ900vy_iUxxPftnEcYR5LaEtGyKzVJUgNoRTmNsuf-xXfVqag7h-WxjTegez6bxLqIiGjcml-veeIYk6QE-JZm1S1vHhWypzle4kUGzKJwVKIkL-0pgewJbUPyn5KeFPJGLzPVv2JP9xIOYFYbi2Rg7O1LcQdefLj-_I_E-VF2EpyqvFWdLrfc6tIOKEBAB0vHs8gK9KdV3eJOMpErAgSxZuURXfCSdZ_Et-sp7CjWdwwxzHwenteFSzI6rjT_McjEwXULtPjFs6dHfZKJ5cFkPNDm1_phe4NmXg7Mx-OuO2Nr6AbryS4iqp915f4IlPIR8Fhwli77d_zsqVzprEcu-Jz6fM_Jm0B4x1i3Z_q--gV7pS_UNfotaDJH5DCuLjMnWC4su6b8dVwiNkqfJP2rMHAGi3QyMCz5Y8jgrDoiKw0-C5XeT8UBH5vXKKskstP2giDNPMGYl52dsHR9AqRUroDbN_A5zyVNHtc71mfO4U5m1Z-D7bJQqt3pe_Tsg6la-3NAGIhk7XAS3fdpo--CBmRfRUmH7CzCdrSeXoFixT8Ioo40FNAemZqZdDGpeH6QEY-50GCN3odl1PSacWvmOGaKI8Kw7Ph-DqaBBOX8DVK6OwFlQt0qPUoEfgLtrJDaUCWVGNMq7N1IIbV6IgDJfGScsn4VpXBYCU105hVYqNKPBN-KiiT4lEVXLaTOQuCVVSIwMyYt2S4K9jZ9mpaSckZEp3pV1G4tsp2gXx3D4HIHJwTJSXZo3MHxxoVsBXE00PPAAxG3OR-GQQ4e_THOvaYMn8VO0crG_EkBIdvcjijgiT-A9lyumczMHwCBPq0mvHTqiIKBp1zbm5LbsaS1UnMQAnfB2xfCkBpqW6bfFr9TJR-Gx0YM1_i9PUJg-jbThts_uawEpBm7R7Rm0e9B-3aD6G1JbRuMOvP5GhsQi1atkfGHOLLEDsTkoFe3n_YZt1oeOpYa75C23dtE1GP5iqhXIoRdzXtP_ENW-fZF_8CbNS-GXf8iL9sF10SRPe7aTYOi64GsFQ8NpFjTHUTnwy0aUm5JJZ0So1hRnnXCIOEJSq5t8pWPyKFpn0QdfpXbvZBt428toFRcp2o3xiX4tGRxub3wrb7Y2G0389udlk8ou5_GFJtOpc-ViaZeyuz3WJSZwgj7ZrTDFM-tn0jAfwPlVYD4MjB7X4WCvNYWfyOwC7rpoxBTMHoLmUPjsfNqf3c8kPS5Cq_0WdWPAOgNFewDlOwglSVxzcdMAySXnOHzPrhn5rviZI8FBdW_opTtcqH89ORYXubgo3nurw66AeZAUPB1beuzXGmh8bWzrvA&sai=AMfl-YS4gCfzpkc2SrKUE6FkQttT6Dk-fwF3wUfUnnMCHF90I4vKOaanugIfBd0pt8Jo_VbfDh4Omo_2AeZShyT_URARxLJmpwnm--sD9UrZsDVGvHNQBPaEA1j84_9-IWytLxvRNXPJny-srcgoNCFySBam5qB6Ni2siVd8IA&sig=Cg0ArKJSzIt-YyrAZlOXEAE&cid=CAQSTgAvHhf_ScRk7xSjHIfA_afKyW4LqrQ-e3_ahlHxyS3dP9yQJuqn2bOhNeWyqGayZg4B7lbEVUriXgM0nkWwj9zSycPBcNfK8zZCi2UxfxgB&id=ampim&o=270,108&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1012&mtos=0,0,1012,1012,1012&tos=0,0,1012,0,0&tfs=244&tls=1256&g=100&h=100&tt=1256&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 750882597067205.mpd Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/dash-abr3/ Frame CFBC 11 KB
2 KB 687ms
237ms Fetch
application/dash+xml 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/dash-abr3/750882597067205.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfAb-v52mxAYxo7e36xKt-i946WwQwJw5vIeqw4MzMZfnA&oe=65817313
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6dccab3bc4297c9ae3cb1441e1f7b392ca6ab0cadb44ac445fe5b3c5711be799

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:37 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1702877556
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
x-fb-latest-segment-ts: 5592772
alt-svc: h3=":443"; ma=86400
content-length: 1570
x-fb-origin-hit: 1
etag: 3e1ec404da030ec22c6f6ddfe2a6ef4c
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ Frame 2619 89 B
559 B 4ms
4ms Script
application/javascript 3.113.117.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1702877557431&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoiaW1wIiwidGltZV9zaG93X3NlY29uZHMiOjEsIm5pZCI6IjE0NTQ1ODAzOSIsImNhbXBhaWduIjoiMjA2ODc1NSIsInRpbWVzdGFtcCI6MTcwMjg3NzU1NzQzMCwicmVjb21tZW5kX3Bvc2l0aW9uIjoxLCJhZF9wb3NpdGlvbiI6MSwiY2hhbm5lbF9pZCI6ImJhbm5lci0zeDEiLCJzY29yZSI6MC4wMDE1MjM0MTI2MTg2NDE1NTEyLCJ2X2Rpc2hfbGFiZWxzIjoiIiwidl9kaXNoX3RsYWJlbHMiOiIiLCJ1bml0X3dpZHRoIjoyOTAsInVuaXRfaGVpZ2h0Ijo3MywiaW1hZ2Vfd2lkdGgiOjEyMCwiaW1hZ2VfaGVpZ2h0Ijo3MywiYzIiOjAuMDAwNTIwMDk1OTg1ODQ4NDU2NiwidGl0bGUiOiLohYvkuIvpmaTmr5vmgI7purzpgbjvvJ%2FlsYXlrrbnhKHnl5vpmaTmr5tOby4x5piv5a6D77yB5Y%2Bq6KaB5Y2B5YiG6ZCY77yM6aas5LiK5Lm%2B5Lm%2B5reo5reo77yBIiwic2FtcGxlIjoiIiwidl9mcnVpdF93b3JkIjoiIiwiaW1hZ2VfaGFzaCI6IiIsImNsYXNzaWZ5IjoiIiwiaW1hZ2UiOiJodHRwczovL2ltYWdlYXdzLnBvcGluLmNjL01MLzVjNzRjZjRhZWYyYTY3NDc4NjgxZDBjY2RlMzNkM2YzLnBuZyIsInNtamFkIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InJldXJsLmNjIiwidXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJnZW9fY291bnRyeSI6InR3IiwibG9naWQiOiIxYzU3MDg2ZC00YWY3LTQ1YmEtYjNjZi0zMDA1OGM4Yjg0YWUiLCJ1aWQiOiI2NzZkNTYyMDQ3ZTZmMzNhZjRjMTcwMjg0NTE1NjE2OSIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6ImNmZjc2YjVhLTNhOWUtNGJlMi05ODBkLTRkMzM5YWRjNTNiMyIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMzAweDI1MCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMTA5IFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6InJldXJsLmNjIiwidGRfcGF0aCI6Ii9nYU9XTHAiLCJ0ZF9yZWZlcnJlciI6Imh0dHBzOi8vcmV1cmwuY2MvZ2FPV0xwIiwidGRfaXAiOiJ0ZF9pcCIsInRkX2Jyb3dzZXIiOiJ0ZF9icm93c2VyIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoidGRfYnJvd3Nlcl92ZXJzaW9uIiwidGRfb3MiOiJ0ZF9vcyIsInRkX29zX3ZlcnNpb24iOiJ0ZF9vc192ZXJzaW9uIiwiY2xpZW50X2lkIjoiY2ZmNzZiNWEtM2E5ZS00YmUyLTk4MGQtNGQzMzlhZGM1M2IzIiwiY2F0ZWdvcnkiOiIiLCJleHRyYSI6IiIsImZydWl0X3N0eWxlIjoiNCIsImJveF9zdHlsZSI6IjQiLCJyZWZlcnJlcl9yZWNvbW1lbmRfdHlwZSI6IiIsImRtZiI6Im0iLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&callback=TreasureJSONPCallback1

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.113.117.180 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-113-117-180.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Mon, 18 Dec 2023 05:32:37 GMT
Strict-Transport-Security: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 89
Content-Type: application/javascript

POST
H2 204 ic
trace.popin.cc/ju/ Frame 2619 0
120 B 17ms
7ms Ping
text/html 35.213.89.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://trace.popin.cc/ju/ic?tn=6e22bb022cd37340eb88f5c2f2512e40&trackingid=95edef6006bd41bb38d10f7638ecaec9&acid=25788&data=BkVaBRGmsZSFOb1Q2l-Z38FcRZCCICmK0KzWOiDdBOjKQ958YQKftpYuCXzqN4No0IlAwtuRDvTmM56Fal9c3HRw-ItJGs1AzHdf5l58-fIGgZ8vyOx1yqpo13MZcLI_G_ToHXmbTc_MNhp2uuGUJu7gG4WROuQgqS0vS2Q-ls-z2S3F67aJHZmOZlWvbYLgDxrIUHnNjIcn8GL8369jRx-WxDcBmiAMELJcYNNV-Y8lAryX06mtKJYziY0ozGcZLrk-MkVGX63K5xhxIw4JwgdDPkr2VNXTCYebgYOFZbplibwLzgHB4oDEbJB78zGmqz3ayLY3eiyHVC_Y1xkU7X1MwwX1_AaJKX-7x0Rh7WpBVwwSQDzvQ2MtoHARianNS-L5y3K_QEBFoNazqJe9l7pVrQPN5zTCnza3qxeZmorv9JShYLfRh4249XgYpOvY3x5ddX-2Qks-BhMmISr2IiPbyzDJ7MqUaGEHP-UHmhnXQVWan3gnr8Uu1Hqe--5RB2qlpCjuQ2hBBZh-yzxhykwg2u99XvdL_SgWdfzVwlPr1X3vwYHUk3qXV6U8e_8jyp9tzwgtdwv-EMZ0KSChSUR-ev32kpKnygtrTY5Jos0&uid=676d562047e6f33af4c1702845156169&mguid=&uu=676d562047e6f33af4c1702845156169&tst=1702877556337&ppvs=6&tss=5&aps=1&rp=1&fs=4&bs=4&caid=banner-3x1
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.89.133 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 133.89.213.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8

GET
H2 200 s.gif
r.popin.cc/ Frame 2619 35 B
186 B 3ms
2ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Freurl.cc%2FgaOWLp&uid=676d562047e6f33af4c1702845156169&type=pc_imp&nid=145458039&campaign=2068755&media=reurl.cc&r5=cc_NONE&r6=undefined&dmf=m&t=1702877557429&tz=tw
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:37 GMT
last-modified: Thu, 16 Sep 2021 06:17:57 GMT
server: nginx
etag: "6142e195-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 adlogs
log.popin.cc/log/popin_ads/ Frame 2619 66 B
222 B 3ms
3ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoiaW1wIiwidGltZV9zaG93X3NlY29uZHMiOjEsIm5pZCI6IjE0NTQ1ODAzOSIsImNhbXBhaWduIjoiMjA2ODc1NSIsInRpbWVzdGFtcCI6MTcwMjg3NzU1NzQzMCwicmVjb21tZW5kX3Bvc2l0aW9uIjoxLCJhZF9wb3NpdGlvbiI6MSwiY2hhbm5lbF9pZCI6ImJhbm5lci0zeDEiLCJzY29yZSI6MC4wMDE1MjM0MTI2MTg2NDE1NTEyLCJ2X2Rpc2hfbGFiZWxzIjoiIiwidl9kaXNoX3RsYWJlbHMiOiIiLCJ1bml0X3dpZHRoIjoyOTAsInVuaXRfaGVpZ2h0Ijo3MywiaW1hZ2Vfd2lkdGgiOjEyMCwiaW1hZ2VfaGVpZ2h0Ijo3MywiYzIiOjAuMDAwNTIwMDk1OTg1ODQ4NDU2NiwidGl0bGUiOiLohYvkuIvpmaTmr5vmgI7purzpgbjvvJ/lsYXlrrbnhKHnl5vpmaTmr5tOby4x5piv5a6D77yB5Y+q6KaB5Y2B5YiG6ZCY77yM6aas5LiK5Lm+5Lm+5reo5reo77yBIiwic2FtcGxlIjoiIiwidl9mcnVpdF93b3JkIjoiIiwiaW1hZ2VfaGFzaCI6IiIsImNsYXNzaWZ5IjoiIiwiaW1hZ2UiOiJodHRwczovL2ltYWdlYXdzLnBvcGluLmNjL01MLzVjNzRjZjRhZWYyYTY3NDc4NjgxZDBjY2RlMzNkM2YzLnBuZyIsInNtamFkIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InJldXJsLmNjIiwidXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJnZW9fY291bnRyeSI6InR3IiwibG9naWQiOiIxYzU3MDg2ZC00YWY3LTQ1YmEtYjNjZi0zMDA1OGM4Yjg0YWUiLCJ1aWQiOiI2NzZkNTYyMDQ3ZTZmMzNhZjRjMTcwMjg0NTE1NjE2OSIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6ImNmZjc2YjVhLTNhOWUtNGJlMi05ODBkLTRkMzM5YWRjNTNiMyIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMzAweDI1MCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMTA5IFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6InJldXJsLmNjIiwidGRfcGF0aCI6Ii9nYU9XTHAiLCJ0ZF9yZWZlcnJlciI6Imh0dHBzOi8vcmV1cmwuY2MvZ2FPV0xwIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEyMC4wLjYwOTkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiY2ZmNzZiNWEtM2E5ZS00YmUyLTk4MGQtNGQzMzlhZGM1M2IzIiwiY2F0ZWdvcnkiOiIiLCJleHRyYSI6IiIsImZydWl0X3N0eWxlIjoiNCIsImJveF9zdHlsZSI6IjQiLCJyZWZlcnJlcl9yZWNvbW1lbmRfdHlwZSI6IiIsImRtZiI6Im0iLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1702877557431
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:37 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ Frame 2619 89 B
559 B 9ms
4ms Script
application/javascript 3.113.117.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1702877557433&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoiaW1wIiwidGltZV9zaG93X3NlY29uZHMiOjEsIm5pZCI6IjE1NDk5Mjk5MiIsImNhbXBhaWduIjoiMjE2MzU0MiIsInRpbWVzdGFtcCI6MTcwMjg3NzU1NzQzMiwicmVjb21tZW5kX3Bvc2l0aW9uIjoyLCJhZF9wb3NpdGlvbiI6MiwiY2hhbm5lbF9pZCI6ImJhbm5lci0zeDEiLCJzY29yZSI6MC4wMDE0ODI0NDI3MzU4MDg3NzYyLCJ2X2Rpc2hfbGFiZWxzIjoiIiwidl9kaXNoX3RsYWJlbHMiOiIiLCJ1bml0X3dpZHRoIjoyOTAsInVuaXRfaGVpZ2h0Ijo3MywiaW1hZ2Vfd2lkdGgiOjEyMCwiaW1hZ2VfaGVpZ2h0Ijo3MywiYzIiOjAuMDAwNzY2ODM5MjQ5OTkwODgwNSwidGl0bGUiOiLkuIrog7jmspLogonvvIznqb%2FooaPlsLHmmK%2FlsJHkuIDlkbPvvIHoh6rpq5TpmobkubPhg6bop7jmhJ%2Fmn5Tou5%2FotoXoh6rnhLYiLCJzYW1wbGUiOiIiLCJ2X2ZydWl0X3dvcmQiOiIiLCJpbWFnZV9oYXNoIjoiIiwiY2xhc3NpZnkiOiIiLCJpbWFnZSI6Imh0dHBzOi8vaW1hZ2Vhd3MucG9waW4uY2MvTUwvNDk1YTBjMWU0MDk2ZDg1N2FmZWFhMTEyZjEyYTExMDkucG5nIiwic21qYWQiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoicmV1cmwuY2MiLCJ1cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsImdlb19jb3VudHJ5IjoidHciLCJsb2dpZCI6IjFjNTcwODZkLTRhZjctNDViYS1iM2NmLTMwMDU4YzhiODRhZSIsInVpZCI6IjY3NmQ1NjIwNDdlNmYzM2FmNGMxNzAyODQ1MTU2MTY5IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiY2ZmNzZiNWEtM2E5ZS00YmUyLTk4MGQtNGQzMzlhZGM1M2IzIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIzMDB4MjUwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoicmV1cmwuY2MiLCJ0ZF9wYXRoIjoiL2dhT1dMcCIsInRkX3JlZmVycmVyIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJ0ZF9pcCI6InRkX2lwIiwidGRfYnJvd3NlciI6InRkX2Jyb3dzZXIiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiJ0ZF9icm93c2VyX3ZlcnNpb24iLCJ0ZF9vcyI6InRkX29zIiwidGRfb3NfdmVyc2lvbiI6InRkX29zX3ZlcnNpb24iLCJjbGllbnRfaWQiOiJjZmY3NmI1YS0zYTllLTRiZTItOTgwZC00ZDMzOWFkYzUzYjMiLCJjYXRlZ29yeSI6IiIsImV4dHJhIjoiIiwiZnJ1aXRfc3R5bGUiOiI0IiwiYm94X3N0eWxlIjoiNCIsInJlZmVycmVyX3JlY29tbWVuZF90eXBlIjoiIiwiZG1mIjoibSIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback2

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.113.117.180 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-113-117-180.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

84e80159fc0f0e914229e9916e1c85cb59b2a6af77d53d6b528bf464ef9aeb3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Mon, 18 Dec 2023 05:32:37 GMT
Strict-Transport-Security: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 89
Content-Type: application/javascript

POST
H2 204 ic
trace.popin.cc/ju/ Frame 2619 0
192 B 14ms
6ms Ping
text/html 35.213.89.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://trace.popin.cc/ju/ic?tn=6e22bb022cd37340eb88f5c2f2512e40&trackingid=55bf885385f73fa1b37a54ef403a7669&acid=26064&data=G8bJqikqZZnOn0pIvIk4ncC4-Vo3j2E-se87Y3gGvgW6IA0_DChVXvrjd1nkxq2Dd7mZJEYA7pqvYO39gP04fgSb-WM9hFXTp_GW8dFRqKN0liQcqTi-7-43F7krXAz4Em2TDOgh4V4ctQDru4YJXS2QUUHKs1yUEM4RSwSc-NYMNHnmp-nj2Msp4zrfjbefDRmWBeVF6TL6wgczhHxIXA5yLTz2vo6PObXIILOv557tks0t7T3O6029kGa9UAlP8ZS17v1jxdLq4YbPsXzX7ScihrpOfGd6HdiXSGAfvm8W7GDfQtm4DMLqZJh3ALO2_DlmGiVbk9Wh_6tHAE_03l__x0_ueAPR-C8b3eCRLVlC7bE07ZPpK_tMc91stB_8Pa0B73IR17e7Cepv4EG6zwURb0apkgVxwO-nJFt_iziOYR-r0Y-wqfZpaEu4UvD4-BVHry7OA7Dd9ajxhgy_0VvnLps37w735gT96WR7vtTeuSHTQwCpzphDXKLQtdAzKxDTTgIXfWtMf7tZ05lH6FqVp6kM1YgR1VfJ4nLeHfOBQrZc07W9c4r9XZS5KYE3ClYsl8fA9nPduroyiy_DTCeim5qyaAWrrAoRAWyo23k&uid=676d562047e6f33af4c1702845156169&mguid=&uu=676d562047e6f33af4c1702845156169&tst=1702877556340&ppvs=6&tss=5&aps=2&rp=2&fs=4&bs=4&caid=banner-3x1
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.89.133 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 133.89.213.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8

GET
H2 200 s.gif
r.popin.cc/ Frame 2619 35 B
186 B 4ms
2ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Freurl.cc%2FgaOWLp&uid=676d562047e6f33af4c1702845156169&type=pc_imp&nid=154992992&campaign=2163542&media=reurl.cc&r5=cc_NONE&r6=undefined&dmf=m&t=1702877557432&tz=tw
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:37 GMT
last-modified: Thu, 16 Sep 2021 06:17:57 GMT
server: nginx
etag: "6142e195-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 adlogs
log.popin.cc/log/popin_ads/ Frame 2619 66 B
222 B 3ms
2ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoiaW1wIiwidGltZV9zaG93X3NlY29uZHMiOjEsIm5pZCI6IjE1NDk5Mjk5MiIsImNhbXBhaWduIjoiMjE2MzU0MiIsInRpbWVzdGFtcCI6MTcwMjg3NzU1NzQzMiwicmVjb21tZW5kX3Bvc2l0aW9uIjoyLCJhZF9wb3NpdGlvbiI6MiwiY2hhbm5lbF9pZCI6ImJhbm5lci0zeDEiLCJzY29yZSI6MC4wMDE0ODI0NDI3MzU4MDg3NzYyLCJ2X2Rpc2hfbGFiZWxzIjoiIiwidl9kaXNoX3RsYWJlbHMiOiIiLCJ1bml0X3dpZHRoIjoyOTAsInVuaXRfaGVpZ2h0Ijo3MywiaW1hZ2Vfd2lkdGgiOjEyMCwiaW1hZ2VfaGVpZ2h0Ijo3MywiYzIiOjAuMDAwNzY2ODM5MjQ5OTkwODgwNSwidGl0bGUiOiLkuIrog7jmspLogonvvIznqb/ooaPlsLHmmK/lsJHkuIDlkbPvvIHoh6rpq5TpmobkubPhg6bop7jmhJ/mn5Tou5/otoXoh6rnhLYiLCJzYW1wbGUiOiIiLCJ2X2ZydWl0X3dvcmQiOiIiLCJpbWFnZV9oYXNoIjoiIiwiY2xhc3NpZnkiOiIiLCJpbWFnZSI6Imh0dHBzOi8vaW1hZ2Vhd3MucG9waW4uY2MvTUwvNDk1YTBjMWU0MDk2ZDg1N2FmZWFhMTEyZjEyYTExMDkucG5nIiwic21qYWQiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoicmV1cmwuY2MiLCJ1cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsImdlb19jb3VudHJ5IjoidHciLCJsb2dpZCI6IjFjNTcwODZkLTRhZjctNDViYS1iM2NmLTMwMDU4YzhiODRhZSIsInVpZCI6IjY3NmQ1NjIwNDdlNmYzM2FmNGMxNzAyODQ1MTU2MTY5IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiY2ZmNzZiNWEtM2E5ZS00YmUyLTk4MGQtNGQzMzlhZGM1M2IzIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIzMDB4MjUwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoicmV1cmwuY2MiLCJ0ZF9wYXRoIjoiL2dhT1dMcCIsInRkX3JlZmVycmVyIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiJjZmY3NmI1YS0zYTllLTRiZTItOTgwZC00ZDMzOWFkYzUzYjMiLCJjYXRlZ29yeSI6IiIsImV4dHJhIjoiIiwiZnJ1aXRfc3R5bGUiOiI0IiwiYm94X3N0eWxlIjoiNCIsInJlZmVycmVyX3JlY29tbWVuZF90eXBlIjoiIiwiZG1mIjoibSIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1702877557434
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:37 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ Frame 2619 89 B
559 B 10ms
5ms Script
application/javascript 3.113.117.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1702877557436&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoiaW1wIiwidGltZV9zaG93X3NlY29uZHMiOjEsIm5pZCI6IjE1MjkyMDM1NSIsImNhbXBhaWduIjoiMjA2ODc1NCIsInRpbWVzdGFtcCI6MTcwMjg3NzU1NzQzNCwicmVjb21tZW5kX3Bvc2l0aW9uIjozLCJhZF9wb3NpdGlvbiI6MywiY2hhbm5lbF9pZCI6ImJhbm5lci0zeDEiLCJzY29yZSI6MC4wMDEzNTQ1NzYzMTI4Mzc3Nzc3LCJ2X2Rpc2hfbGFiZWxzIjoiIiwidl9kaXNoX3RsYWJlbHMiOiIiLCJ1bml0X3dpZHRoIjoyOTAsInVuaXRfaGVpZ2h0Ijo3MywiaW1hZ2Vfd2lkdGgiOjEyMCwiaW1hZ2VfaGVpZ2h0Ijo3MywiYzIiOjAuMDAwNDYyNDU0MTAzMzk5MDY4MSwidGl0bGUiOiLmnIDnvo7lqr3lkqrnjovmgJ3kvbPvvIznlKLlvozlv6vpgJ%2FmgaLlvqnnvo7pupfnmoTnp5jlr4bvvJrpgJnmqKPmjInmkanvvIzovJXprIbmkqvntIvkuI3nlZnlrZXnl5XvvIEiLCJzYW1wbGUiOiIiLCJ2X2ZydWl0X3dvcmQiOiIiLCJpbWFnZV9oYXNoIjoiIiwiY2xhc3NpZnkiOiIiLCJpbWFnZSI6Imh0dHBzOi8vaW1hZ2Vhd3MucG9waW4uY2MvTUwvNGUyODg1NTdmYTM1MzExMjczYTcyYjBkOGMwOTQzNGYucG5nIiwic21qYWQiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoicmV1cmwuY2MiLCJ1cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsImdlb19jb3VudHJ5IjoidHciLCJsb2dpZCI6IjFjNTcwODZkLTRhZjctNDViYS1iM2NmLTMwMDU4YzhiODRhZSIsInVpZCI6IjY3NmQ1NjIwNDdlNmYzM2FmNGMxNzAyODQ1MTU2MTY5IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiY2ZmNzZiNWEtM2E5ZS00YmUyLTk4MGQtNGQzMzlhZGM1M2IzIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIzMDB4MjUwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoicmV1cmwuY2MiLCJ0ZF9wYXRoIjoiL2dhT1dMcCIsInRkX3JlZmVycmVyIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJ0ZF9pcCI6InRkX2lwIiwidGRfYnJvd3NlciI6InRkX2Jyb3dzZXIiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiJ0ZF9icm93c2VyX3ZlcnNpb24iLCJ0ZF9vcyI6InRkX29zIiwidGRfb3NfdmVyc2lvbiI6InRkX29zX3ZlcnNpb24iLCJjbGllbnRfaWQiOiJjZmY3NmI1YS0zYTllLTRiZTItOTgwZC00ZDMzOWFkYzUzYjMiLCJjYXRlZ29yeSI6IiIsImV4dHJhIjoiIiwiZnJ1aXRfc3R5bGUiOiI0IiwiYm94X3N0eWxlIjoiNCIsInJlZmVycmVyX3JlY29tbWVuZF90eXBlIjoiIiwiZG1mIjoibSIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback3

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.113.117.180 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-113-117-180.ap-northeast-1.compute.amazonaws.com

Software

Resource Hash

b3a7346cae0525400bb6539496990f7de2ee33862cb6e38fd82f0e463d367e1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Mon, 18 Dec 2023 05:32:37 GMT
Strict-Transport-Security: max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 89
Content-Type: application/javascript

POST
H2 204 ic
trace.popin.cc/ju/ Frame 2619 0
120 B 12ms
7ms Ping
text/html 35.213.89.133
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://trace.popin.cc/ju/ic?tn=6e22bb022cd37340eb88f5c2f2512e40&trackingid=95b3c7cb066992ec99307fe34c394f61&acid=25788&data=cHxK6ZXlvkEjn3BvnBQLGfCpqwFXbSi4jCVJXS_BJOzmXMM7hMaV89DeQcWxgQIjW3DhGQ_8NV1gLkYJkgVkklf3fw0HRdpGgIcVGUHPbtXmo4VJACB2ClvksSMFd7jdstq8oYI1tncg5uwwXoHFM2_6fKh-Sv-g5OGOkt-cpHuuHaH_ypYd4THHbXuFTXKL3IkpEjIrC1UV89NsBlllFQmHG2NuEkYFgWxzay-EpT7wCISFwVip0Ke4ynvwKRWhIPTU0JqeRx1x97ClSzQAFPydp9x5z7nSY2NNPDWNexIU48YIsR1Tgln6fNCSABM-1UBPBtJSm6Js080nCXu9X45TJZ9L78AFJGE8TFFbERJhHh4HB3M71zS5TA26LemhEIDSH4cEJVRqbPxXsvttEAAj21gDKJkwvcI5MR07-bS7R7jTg4yjwq8T2_cV2rU5xMi7Qc81rn4WVtjCv5gX0HdVIVJeZPUocfqlRqJwPesMplt9AzmgIMIvx9UsdeBdno4fpJNXJEaME104B77o1ppYxLW4SO_Pnxla8Ro0U2l_YwF9eed04THYjkBj-kU4nNrhWPxyRa5JfkjFITeahFdXVLKnAE7tMy2qW3RXbcc&uid=676d562047e6f33af4c1702845156169&mguid=&uu=676d562047e6f33af4c1702845156169&tst=1702877556341&ppvs=6&tss=5&aps=3&rp=3&fs=4&bs=4&caid=banner-3x1
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.89.133 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 133.89.213.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:37 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8

GET
H2 200 s.gif
r.popin.cc/ Frame 2619 35 B
186 B 4ms
2ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Freurl.cc%2FgaOWLp&uid=676d562047e6f33af4c1702845156169&type=pc_imp&nid=152920355&campaign=2068754&media=reurl.cc&r5=cc_NONE&r6=undefined&dmf=m&t=1702877557434&tz=tw
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:37 GMT
last-modified: Thu, 16 Sep 2021 06:17:57 GMT
server: nginx
etag: "6142e195-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 adlogs
log.popin.cc/log/popin_ads/ Frame 2619 66 B
222 B 4ms
3ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoiaW1wIiwidGltZV9zaG93X3NlY29uZHMiOjEsIm5pZCI6IjE1MjkyMDM1NSIsImNhbXBhaWduIjoiMjA2ODc1NCIsInRpbWVzdGFtcCI6MTcwMjg3NzU1NzQzNCwicmVjb21tZW5kX3Bvc2l0aW9uIjozLCJhZF9wb3NpdGlvbiI6MywiY2hhbm5lbF9pZCI6ImJhbm5lci0zeDEiLCJzY29yZSI6MC4wMDEzNTQ1NzYzMTI4Mzc3Nzc3LCJ2X2Rpc2hfbGFiZWxzIjoiIiwidl9kaXNoX3RsYWJlbHMiOiIiLCJ1bml0X3dpZHRoIjoyOTAsInVuaXRfaGVpZ2h0Ijo3MywiaW1hZ2Vfd2lkdGgiOjEyMCwiaW1hZ2VfaGVpZ2h0Ijo3MywiYzIiOjAuMDAwNDYyNDU0MTAzMzk5MDY4MSwidGl0bGUiOiLmnIDnvo7lqr3lkqrnjovmgJ3kvbPvvIznlKLlvozlv6vpgJ/mgaLlvqnnvo7pupfnmoTnp5jlr4bvvJrpgJnmqKPmjInmkanvvIzovJXprIbmkqvntIvkuI3nlZnlrZXnl5XvvIEiLCJzYW1wbGUiOiIiLCJ2X2ZydWl0X3dvcmQiOiIiLCJpbWFnZV9oYXNoIjoiIiwiY2xhc3NpZnkiOiIiLCJpbWFnZSI6Imh0dHBzOi8vaW1hZ2Vhd3MucG9waW4uY2MvTUwvNGUyODg1NTdmYTM1MzExMjczYTcyYjBkOGMwOTQzNGYucG5nIiwic21qYWQiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoicmV1cmwuY2MiLCJ1cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsImdlb19jb3VudHJ5IjoidHciLCJsb2dpZCI6IjFjNTcwODZkLTRhZjctNDViYS1iM2NmLTMwMDU4YzhiODRhZSIsInVpZCI6IjY3NmQ1NjIwNDdlNmYzM2FmNGMxNzAyODQ1MTU2MTY5IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiY2ZmNzZiNWEtM2E5ZS00YmUyLTk4MGQtNGQzMzlhZGM1M2IzIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIzMDB4MjUwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoicmV1cmwuY2MiLCJ0ZF9wYXRoIjoiL2dhT1dMcCIsInRkX3JlZmVycmVyIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiJjZmY3NmI1YS0zYTllLTRiZTItOTgwZC00ZDMzOWFkYzUzYjMiLCJjYXRlZ29yeSI6IiIsImV4dHJhIjoiIiwiZnJ1aXRfc3R5bGUiOiI0IiwiYm94X3N0eWxlIjoiNCIsInJlZmVycmVyX3JlY29tbWVuZF90eXBlIjoiIiwiZG1mIjoibSIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1702877557436
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:37 GMT
last-modified: Thu, 13 Dec 2018 07:24:27 GMT
server: nginx/1.13.5
etag: "5c12092b-42"
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 66

POST
H3 200 / Show response
www.facebook.com/video/unified_cvc/ Frame CFBC 269 B
333 B 116ms
115ms XHR
application/x-javascript 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/video/unified_cvc/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yG/l/en_US/IVj8Uh3KNzL.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

75b1edbd1699fd19dc0831928df8e391a97d42ff9c8e32e73d942943407294c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: slMn6K1E7aAfNUHNJJ5k4O
Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df799ebc75c7c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff166f6906b0ab0c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1516335185853834&locale=en_US&sdk=joey&show_text=false&width=280
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 18 Dec 2023 05:32:37 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: yOPbuOC2EQgjXXixCL3YbOvKdMdlMk/3tc7PrXltPaxeKi8CBPQvdYP7JeeWRoSAVHAAIw5NL6uXmyGWJoOmSw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ag-Kz-WMvnK.png
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame CFBC 330 B
467 B 17ms
16ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/ag-Kz-WMvnK.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/Qfo55ay3XFG.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45445cdb742ba713feadbb749a2328f90698cc052372bb736682afcb5e7c6345

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/Qfo55ay3XFG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:37 GMT
x-content-type-options: nosniff
content-md5: eAFd0hA109+Saq2CKxwDiw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 330
reporting-endpoints
x-fb-debug: GxdUAOfEy1PfUoL3RuOqDa774LyuOTBOSQYHb51/huBvPiAU77dukEIPpHkj4o0h9Ca5DSchEsRr/xS/8+N5iA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 03 Dec 2024 18:36:55 GMT

GET
H3 200 gDitvOzbw6T.png
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame CFBC 8 KB
8 KB 17ms
17ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/gDitvOzbw6T.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/Xa-kykSxUdE.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9d5497521bfc84947a23dd5687f8629f34ce7d1dd3d37cc83d9c6f14d2af0cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/Xa-kykSxUdE.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:37 GMT
x-content-type-options: nosniff
content-md5: Mgl5lSWRJJAq6dF2coyXXQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8119
reporting-endpoints
x-fb-debug: MiIESDksxEr+EA7iBRCrq/vskl5LHcxydYy+fLuLeFgpDZPpD6VSdxFJZ4TDgThhqv+LDxxmgAx89YAuVyYFQQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Dec 2024 18:33:16 GMT

GET
H3 200 SWhawEjeLCn.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame CFBC 3 KB
3 KB 17ms
17ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/SWhawEjeLCn.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/Qfo55ay3XFG.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01a33f0ff59e28cd463d425548a593e150506f7f0d1c958403bae903f5e8e2e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/Qfo55ay3XFG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:37 GMT
x-content-type-options: nosniff
content-md5: /zrKWNzqQF1I3EnT4Zj6CQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3327
reporting-endpoints
x-fb-debug: obwL7DC98zWeiQ+1IVGvkBcSYcaYr8exF8NcERseeNZveQbuCC4sCan27zkg11M5nbdiNew4sAyTxdILFiK6ng==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sun, 08 Dec 2024 18:08:58 GMT

GET
H2 200 permanent Show response
event.tagtoo.co/ Frame 2619 48 B
113 B 45ms
44ms Fetch
application/json 34.96.83.10
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event.tagtoo.co/permanent?fp=8ad3c0e853da0b8a176678b7d3a47e36
Requested by: Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/unitrack.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 10.83.96.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash: e5f4a0eac3261dcf6ea9d5d8dc3ea92dfaf5a3150da16c34fbe40c1376c2bfc0

Request headers

Referer: https://reurl.cc/gaOWLp
X-TOKEN: a5808d50cbd8897ace6b6b62abf51d37c19e599aea49012c32a74de228b9
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 18 Dec 2023 05:32:23 GMT
via: 1.1 google
server: uvicorn
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48
content-type: application/json

OPTIONS
H2 200 permanent
event.tagtoo.co/ Frame 0
0 53ms
42ms Preflight
text/plain 34.96.83.10
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event.tagtoo.co/permanent?fp=8ad3c0e853da0b8a176678b7d3a47e36
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 10.83.96.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-token
Access-Control-Request-Method: GET
Origin: https://reurl.cc
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Accept, Accept-Language, Content-Language, Content-Type, X-TOKEN
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Mon, 18 Dec 2023 05:32:37 GMT
server: uvicorn
via: 1.1 google

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3345 42 B
64 B 78ms
38ms Fetch
image/gif 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLJTQFMGZoOgN5F9_rwzEVEXqBlHUNd4GEQTSVtO4CWZCUNaYlYDGKoLa4MlPO-X68BP5J48UMjT-IOeqKcISQtg5eXbeucHvN4xdaCKtQUJTzPiokmiU1lCzjLXnrfzElA6_irL7qIqrsj5SMr79rzUk4&sig=Cg0ArKJSzOsb7jpJGa8nEAE&id=lidar2&mcvt=1000&p=1180,1599,1181,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=1.06&vu=1&app=0&itpl=19&adk=3261691140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702877555990&rpt=592&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 v1
event.tagtoo.co/event/ Frame 2619 2 B
16 B 55ms
49ms Ping
application/json 34.96.83.10
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://event.tagtoo.co/event/v1
Requested by: Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/unitrack.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 10.83.96.34.bc.googleusercontent.com
Software: uvicorn /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 18 Dec 2023 05:32:37 GMT
via: 1.1 google
server: uvicorn
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: application/json

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 731F 42 B
64 B 43ms
42ms Fetch
image/gif 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubTcXSB7uL1rk6xtucaqCV952fXEFBQBSAGwlNpMcRPnFRFDf39_TPFoK7doK3FT_Dtr_9nl-uwpIPR8HzjUQFdsZQibzWFHS2-e3Hru09343JumST8HiIvLmHdiLe53sio1tVU1dzckujU2UabJvY3RgUkmQpv1-vcSw_0CPTh2RogRyy1yETcT04svcJsawjFZusN5LtO9Bdsd4UrU73sZehTYPb8JfpcuLQ7wrzKYxpdXO67zxKP5XxgkuueUqXNbps-FeWcrYnFIENf9EsEUPxGOtdgLXo3Mwc0KEecFb1u8p18CWsUtNqtvynakb1wOnWP9c6hoyLTiqT2D-_Wk-9NfxWk2fpFDHpIGDqGyuMHlKsk0O0fetY_mXG3idtz8vQqou7F53Ire13GjyFXwAYusjI9nuJyfdyuLMa_FEh_S-A1i6D8xBCVZRQDe3Lq_FOWfFxWh0G8IE1iGWRB3zF1nC_iOeiJPzZPvPOp1S8VpNSpndixSFlx_AWemwt7gETAPRIFIrF_B3oVrOtcBtdqg-94zp1OnAEuHA-sSZnuLc1f_hnwjnACzRvS6I7ImaL8lw4CqNdtiRnZQT0PXHNmkmu07-lUfmMN-pn7dACvXCOdgMK1LotSdzUzWFRdLfgdwDI6TTp85l48RRjOCIpElEEySq2OW_9TzKLt4plWZxgiYhfebDWO13byFFLb_WdMZWSxGAfQjuPFYM0avFy13di9WijBmFo9Oxw8srR-pBkqINYAB9s_kMh4ISqnHOwezGy1xq9RD8oxchRQkQf02iVlMMV9e3to55L3di8JbbrkO3aJnEgusWQEjkF_YdDSBCR0O6LHYsEacjj7myLBzJhJqJktmBnTj_fiExjL_zic_bh6ciPPIiEBZMYdDraBUPlVb3ZA0sux-bEVg7FSGQzOSS7bcC1tgHns98qy34wZQe6F1Tcu969t4I8m3tbDjLiu72qxbSYRXYvGw-uEOQKgWUOzHh6IvykJilvzxDNl2w1dJOm5TfGvZr84DCgabDILP7Sv1e2_UnhkC2qO7xEo08DNIxpOx_0Vt8A-ueutYyPTKLqKmttTkCv4edEvTbRhI3T-blCBFs6tEhHm8RNAmnege4ugnyaHqXLrwJ1wQa2uoqW2-ruMfeUl2_8JEOfGnwZhQN0Gl8xKh3_YKvtzUIIqUftF-orZ9DBFgN2nIHbMgwWJIr05RPlQv6BeYjxKHx0PBufZU3qHk7OsLf2hyyENeEKBGBvqhiai711I6C5-J9OQbZ84PBBTp3pcyKWj95fSChbrq7Pb_XN9OllKBTpr7935yhFtJ5aUgs3LV_Mdk7gGwe24xDa9kOp54B7nGcDycJgrwDxYkqsnFZxrXnIVh-wty4F2ZCge9NJm9-FbS5dIgRcXd0HQb-FbxQezQnwPnLCQz8BpS2xsM_SRRhtXgYK5k_E7Be81QAkYowB8tFlm8Nuha-aqsPEHrNWZXPU8Epn34GU9OFteq9S5ON3SNgcMZpDeGewjLgl_8oDAPpqQKsrJmKvXjjNKoTTl0X_GcEotiNB2Jk7W5AOU7Pigpj1PAZRDaffRy-o8xM5YnP7-8WShNTjopY4SX_1CZfwwMs8&sai=AMfl-YQlmvw4JEvjucWYYWVBY7cVj6qT-G5u8pqigxwfiunOnk0MAGUSppl7MlJb9cAIEm55Brw8bqLbCuwuWYBs48yleBiEVlBzJm71IrXdDy6uu3opZJsqcQFxepzHeFkVDd6qznS9m91DsBvNAzZpyyeXhtheS62e5lAwbw&sig=Cg0ArKJSzJsH_qiV75orEAE&cid=CAQSTgAvHhf_ScRk7xSjHIfA_afKyW4LqrQ-e3_ahlHxyS3dP9yQJuqn2bOhNeWyqGayZg4B7lbEVUriXgM0nkWwj9zSycPBcNfK8zZCi2UxfxgB&id=lidar2&mcvt=1000&p=455,315,545,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=81851380&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702877556036&rpt=720&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prtct.php Show response
stg.truvidplayer.com/v5.832/ Frame 5869 0
328 B 181ms
180ms Document
text/html 143.204.86.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/v5.832/prtct.php?val=f&geo=JP&timestamp=1702877558&level=0
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-129.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: ja-JP

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 18 Dec 2023 05:32:37 GMT
server: nginx
via: 1.1 409082e9caee4a1cdc1a950363f5172c.cloudfront.net (CloudFront)
x-amz-cf-id: KlrVzNyiII0zhUjmjQMQwW-RdTdwhuDFu2gj4lI2-5x7th3zJqjVrw==
x-amz-cf-pop: NRT12-C2
x-cache: Miss from cloudfront

GET
H2 200 av Show response
ad.holmesmind.com/adserver/ Frame 9007 0
152 B 7ms
7ms Script
text/html 18.182.103.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/av?p=14210:108293:204183:224ba2158469941ce4b60f1049851ae9:23269&type=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:37 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 750882597067205_0-init.m4v Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/dash-lp-qd-v/ Frame CFBC 657 B
763 B 233ms
233ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/dash-lp-qd-v/750882597067205_0-init.m4v?ms=m_CL&ccb=2-4&sc_t=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4d5814d56998e79b1e45795f1f23c9d73c5174109bfed2c57bd42102e6f415f2

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:38 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 657
x-fb-origin-hit: 1
etag: deebf16daae5bed38f37147ddccde248
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 5
x-fb-video-livetrace-parentsource: CDN:elb:H:fco2c01:dash-lp-qd:3615

GET
H2 200 750882597067205_0-init.m4a Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/dash-lp-md-a/ Frame CFBC 598 B
1 KB 225ms
225ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/dash-lp-md-a/750882597067205_0-init.m4a?ms=m_CL&ccb=2-4&sc_t=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 650c5f605c2706575823936c7fa0ee6026089b324d5fcd2d873b96d40f5307e6

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:38 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 598
x-fb-origin-hit: 1
etag: b028ccd7eea8be5ef04636b83a7df20f
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 4
x-fb-video-livetrace-parentsource: CDN:elb:H:fco2c01:dash-lp-md:3611

GET
H2 200 750882597067205_0-2753.m4v Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-qd-v/ Frame CFBC 38 KB
38 KB 680ms
680ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-qd-v/750882597067205_0-2753.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: f8819afccbc669fd15a638e862f3f54c79ead74cb4a457eea034ee4bdba9792d

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:38 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 39144
x-fb-first-keyframe-offset: 3730
x-fb-origin-hit: 1
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 47
x-fb-video-livetrace-parentsource: CDN:elb:M:fco2c01:dash-lp-qd:8259

GET
H2 200 750882597067205_0-2753.m4a Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/ Frame CFBC 16 KB
16 KB 262ms
262ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/750882597067205_0-2753.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 86b9acc4886fa0b7401e4c233cb668fa6eee7287f7778e77c8c1b98e8f77d2ce

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:38 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 16691
x-fb-first-keyframe-offset: 410
x-fb-origin-hit: 1
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 40
x-fb-video-livetrace-parentsource: CDN:elb:M:fco2c01:dash-lp-md:8253

GET
H3 200 ypfa5SnW7sV.js Show response
static.xx.fbcdn.net/rsrc.php/v3iyb44/yA/l/en_US/ Frame CFBC 277 KB
62 KB 17ms
16ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iyb44/yA/l/en_US/ypfa5SnW7sV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f4cc408ad19140cf0e8b2b0a4bc3bed7c2ab33de2622eef73d5c9afb586ea04a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: aOxa20TUAnwP0ETwVUPVkQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 63654
reporting-endpoints
x-fb-debug: /bw2kVzngPr3qqBe6X1gLxfWw7SMzlX/3tMEpj323kS26D5j4anr98a5zdEfIiABzFXale12GqtBpluf99FawQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sun, 15 Dec 2024 17:58:16 GMT

GET
H3 200 S3g_HO64CGH.js Show response
static.xx.fbcdn.net/rsrc.php/v3iHf34/yj/l/en_US/ Frame CFBC 3 MB
486 KB 20ms
19ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iHf34/yj/l/en_US/S3g_HO64CGH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d2d78e9a943e5ae7be397f715b5df5a36481633611524ba210ca1016a88cad86

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: LxApA7m2bhUVwExBgKLiNw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 497992
reporting-endpoints
x-fb-debug: qFaqjuE9nHar3tzRlXiKZFua9UDzwzSPJRN70IBT1aYuPBeZc8cKux0dkL8zdvBz/o8X7ze87gTR9w9OHbh2CQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Mon, 16 Dec 2024 17:18:18 GMT

GET
H3 200 x8cPXS1pF8o.js Show response
static.xx.fbcdn.net/rsrc.php/v3ilc_4/yM/l/en_US/ Frame CFBC 330 KB
76 KB 12ms
10ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3ilc_4/yM/l/en_US/x8cPXS1pF8o.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f06b5c10883898ed28744cdf1873ec8de681a0f211f8d24339dc3297fdd8562b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: KGsi1CzuvObihIp4CILjsw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 78155
reporting-endpoints
x-fb-debug: mHI2hVA4aRjsW41z4EuIyVfFylfEL2tJ5ARTwbgOI+6df3tHBOCgE7A+kiv+iYL02mGEQbbyXre8iLiZ0tYkQw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sun, 15 Dec 2024 05:18:47 GMT

GET
H3 200 Cf8jcTzOUp9.js Show response
static.xx.fbcdn.net/rsrc.php/v3iuWr4/yC/l/en_US/ Frame CFBC 26 KB
7 KB 18ms
18ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iuWr4/yC/l/en_US/Cf8jcTzOUp9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

208cd6c1ec51a2737c544e3da4166eb917333e9dd588841e599143f7f083de85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wu8OzYuRZpaUCFL3HzI4JQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6798
reporting-endpoints
x-fb-debug: mEekOmaGyGJuUpxjKGjO32PiCb7gbvAhIeI6RJJJ3EwvvFaUJOVGxY+Ljhmy4Z3pEfPKuaOI5G5IndKcx43Alw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 12 Dec 2024 23:51:57 GMT

GET
H3 200 F4j9B2xJ1Ib.css
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/ Frame CFBC 4 KB
1 KB 19ms
18ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/F4j9B2xJ1Ib.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ea76b764cc79e34aacb5473f624f54f6da49da1d10b00cb931075a6bd0d38c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /gOrTztJymIBgB0hri867Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1208
reporting-endpoints
x-fb-debug: l6rBK5YqtAUDnSaG5JTjegirVvk8buCEbP2ZfC6O7IaOvqzQk/j52kr3Ncjmmr4kR4j9yNfE4t+imKRMrz1+cw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=0
expires: Fri, 06 Dec 2024 03:49:49 GMT

GET
H3 200 9dN_FA4mMHO.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/yV/l/en_US/ Frame CFBC 7 KB
3 KB 17ms
16ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yV/l/en_US/9dN_FA4mMHO.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1cdfea8482ec87dbfecfc0b3914b3e9d90e2c32f7f601261cc79369092894312

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: m6Kjybcr8DtynOk5chZEYA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2768
reporting-endpoints
x-fb-debug: VNzuYkKfMSHoOqnyAQMwRL+rk8NO8Mr4wzGtPblnntKYGWvyVZP0yT020Wa2CPkR1y/hSBAqylyOzLMVzFVYSQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 05 Dec 2024 18:28:16 GMT

GET
H3 200 X_EhxW4Quy4.css
static.xx.fbcdn.net/rsrc.php/v3/yc/l/0,cross/ Frame CFBC 20 KB
5 KB 14ms
13ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yc/l/0,cross/X_EhxW4Quy4.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

669f1bd492f3e253163afa6786b377ce0026c5ae959c90ffcbc3a81c867dd738

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: w1adhR2MXewZn4zKJ+ODJw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5185
reporting-endpoints
x-fb-debug: sVf+bCsfZsrq9vCL/4OLOVlmfDcNLebFKPloG4UMqrW2rPMmGag3Fz+LeH6MHGKOvlvww/Vw2GXMJ2qH56mymA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=0
expires: Fri, 13 Dec 2024 18:03:12 GMT

GET
H3 200 pt-pTLbbjWu.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ Frame CFBC 43 KB
9 KB 24ms
23ms Stylesheet
text/css 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/pt-pTLbbjWu.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

484e2e4d30e5978b75cfd54b28412aff56940d0936029a5b476258c908aa7167

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:38 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: lltOor+L0evTk3ON4kLeig==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 9536
reporting-endpoints
x-fb-debug: OBLv6qL+fcOYvk2FCHzE6KTlOZ8GZFva5eg0mmXlaJ0+5AmbxhAvmAi+r4UMV1Npe1fh8Ua4ccnmc5uNib790w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=0
expires: Mon, 16 Dec 2024 13:22:29 GMT

POST
H3 200 / Show response
www.facebook.com/video/unified_cvc/ Frame CFBC 269 B
334 B 115ms
114ms XHR
application/x-javascript 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/video/unified_cvc/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yG/l/en_US/IVj8Uh3KNzL.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5b1d2b4001d65b0ac9cd1fae8bd5e6616cf30e71c1d5e0e0db3fc0a85b6b8140

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: slMn6K1E7aAfNUHNJJ5k4O
Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df799ebc75c7c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff166f6906b0ab0c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1516335185853834&locale=en_US&sdk=joey&show_text=false&width=280
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 18 Dec 2023 05:32:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: rl1ywRoHXCsya6x2F+mXVfWIdhy4mw0trTkp9fPkRU0h5dNlcr0wKbwfXNJpbeM3FKH8KY1KNC71LoIWoiUyuA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
www.facebook.com/ajax/bootloader-endpoint/ Frame CFBC 14 KB
3 KB 112ms
111ms XHR
text/javascript 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/ajax/bootloader-endpoint/?modules=VideoSettingsControl.react&__user=0&__a=1&__req=3&__hs=19709.BP%3Aplugin_video_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1010473700&__s=%3A%3Amaiaqs&__hsi=7313803417183899643&__dyn=7xeUmxa13xu1syUbFp63m1FwAxu13wqovzEcWwMwNwhE4mdwJwyU5C0TUhwem265o3wwobG1ewho24wbG78b87C1xx-8wlU-5E1pEhwGwQw4iwBgao1O82IzU2Xwdq1iwmE2exu16wa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__csr=&locale=en_US&__sp=1

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/V1vOOFer-BX.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b78c80a9e96f9d67b611f6835b034a15c3fbc828be38f1b9e0e0407315d89deb

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df799ebc75c7c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff166f6906b0ab0c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1516335185853834&locale=en_US&sdk=joey&show_text=false&width=280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), xr-spatial-tracking=()
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Mon, 18 Dec 2023 05:32:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: /Uh57u3yWZvuWVMuLafZUnYfqddP0QrRetNlgLWKWqj2hgifb3fCEsnlMY/GvuDyuRcM+uOTdmXX+MDmoYtpFg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 0L5gppRlswe.png
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame CFBC 404 B
543 B 3ms
2ms Image
image/png 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/0L5gppRlswe.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/F4j9B2xJ1Ib.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b22620fc4d630726cb3f47fac6ade45801e71c9d90dc6ab148e51dbcc910944e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/F4j9B2xJ1Ib.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Mon, 18 Dec 2023 05:32:38 GMT
x-content-type-options: nosniff
content-md5: bDizLuK+pYt04fjxlQ20xQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 404
reporting-endpoints
x-fb-debug: lI37fDBArD1cUUMQhIQUdGj+AOBonGqaVXidDfXlOlEzdvyiH86nlJhpOvGJq5O0DE0oU7qB+8yPYwYGl9nN3A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Tue, 03 Dec 2024 18:33:24 GMT

GET /
ttd-cm.tagtoo.com.tw/prn/uidm/ Frame 2619 0
0

POST
H3 200 bz Show response
www.facebook.com/ajax/ Frame CFBC 0
114 B 160ms
160ms XHR
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbFp63m1FwAxu13wqovzEcWwMwNwhE4mdwJwyU5C0TUhwem265o3wwobG1ewho24wbG78b87C1xx-8wlU-5E1pEhwGwQw4iwBgao1O82IzU2Xwdq1iwmE2exu16wa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19709.BP%3Aplugin_video_pkg.2.0..0.0&__hsi=7313803417183899643&__req=4&__rev=1010473700&__s=%3A%3Amaiaqs&__sp=1&__user=0&dpr=1&jazoest=21728&locale=en_US&lsd=slMn6K1E7aAfNUHNJJ5k4O

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/UvFG0JbY3sF.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df799ebc75c7c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff166f6906b0ab0c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1516335185853834&locale=en_US&sdk=joey&show_text=false&width=280
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryKTUUhVBZ76AoJWrb

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), xr-spatial-tracking=()
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Mon, 18 Dec 2023 05:32:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: cjW4dVJ8eAjOO9vBuyPjxvqwtXNiYD2TO4t7SyknxjyJB5b8gmeLuD6JQ5Nq7iWnYukfhTjDQ7sxs5xql9gQ4A==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
access-control-allow-methods: OPTIONS
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
vary: Origin
content-type: text/html; charset="utf-8"
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 750882597067205_0-2754.m4a Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/ Frame CFBC 18 KB
18 KB 270ms
269ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/750882597067205_0-2754.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 94ad19ef3ee83b4f3fbc3dc8c909d8c8fdfd041f33544e73de2e42d5af386eca

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:38 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 18239
x-fb-ull-ssbwe-v3: conservative:56235;mean:56235;aggressive:63024
x-fb-first-keyframe-offset: 350
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:53304;conservative_median:53304;aggressive:63024
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 47
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:fco2c01:dash-lp-md:8942

GET
H3 200 750882597067205.mpd Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/dash-abr3/ Frame CFBC 11 KB
2 KB 256ms
256ms Fetch
application/dash+xml 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/dash-abr3/750882597067205.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfAb-v52mxAYxo7e36xKt-i946WwQwJw5vIeqw4MzMZfnA&oe=65817313
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 8144edf2a14091059fa1b1550be7682fbf3f3b43d4520ad67f98f1e5c95f1906

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:39 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1702877558
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
x-fb-latest-segment-ts: 5594898
alt-svc: h3=":443"; ma=86400
content-length: 1577
x-fb-origin-hit: 1
etag: f8634218e25f557cd3971f5117c07a8a
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
x-fb-edge-debug: HtdVzIstVRKI8VO84uiE1n520Rs6aYJFGe2dlNAw7mmt0pcddSmv49SgEc2TVZte4eH-fZQoNfLCQHwq4jD_UaMLd6e9r0S1dzP2AsfTldLAaU3PO9a1uPpHq6XPaz-2
accept-ranges: bytes
timing-allow-origin: *
priority: u=1,i

GET
H3 200 750882597067205_0-2754.m4v Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-qd-v/ Frame CFBC 40 KB
40 KB 303ms
303ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-qd-v/750882597067205_0-2754.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 9cdc3ce1b98380a4999530dc834a880dc74a7843e67cf92f5262ab6b03cc117d

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:39 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 41142
x-fb-ull-ssbwe-v3: conservative:137942;mean:137942;aggressive:427928
x-fb-first-keyframe-offset: 4285
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:94536;conservative_median:94536;aggressive:427928
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 81
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:fco2c01:dash-lp-qd:9408

GET
H3 200 750882597067205_0-2755.m4a Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/ Frame CFBC 17 KB
17 KB 265ms
265ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/750882597067205_0-2755.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 67532efb1d983bae516a01d0cd2aaa8e3180e9db0c1bc818e36f65e9bacbe3e7

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:39 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 17850
x-fb-ull-ssbwe-v3: conservative:137942;mean:137942;aggressive:427928
x-fb-first-keyframe-offset: 316
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:94536;conservative_median:94536;aggressive:427928
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 43
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:fco2c01:dash-lp-md:9439

GET
H3 200 750882597067205_0-2756.m4a Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/ Frame CFBC 17 KB
17 KB 265ms
264ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/750882597067205_0-2756.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2d791b1dc3c3487ce531855f8bf186fec81cd534fc53f738f9128df3284a1dbd

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:39 GMT
x-fb-ull-ssbwe-v4: p25:2344072;p50:2344072;p75:2344072
x-fb-ull-ssbwe-v4alt: p25:2344072;p25bis:2344072;p50:2344072
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 17694
x-fb-ull-ssbwe-v3: conservative:646039;mean:646039;aggressive:1603952
x-fb-first-keyframe-offset: 352
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:525688;conservative_median:525688;aggressive:1603952
x-fb-ull-ssbwe-v4scaled: p25:1758054;p50:1758054;p75:2344072
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 42
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:fco2c01:dash-lp-md:9962

POST
H3 200 bz Show response
www.facebook.com/ajax/ Frame CFBC 0
115 B 102ms
101ms XHR
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbFp63m1FwAxu13wqovzEcWwMwNwhE4mdwJwyU5C0TUhwem265o3wwobG1ewho24wbG78b87C1xx-8wlU-5E1pEhwGwQw4iwBgao1O82IzU2Xwdq1iwmE2exu16wa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19709.BP%3Aplugin_video_pkg.2.0..0.0&__hsi=7313803417183899643&__req=5&__rev=1010473700&__s=%3A%3Amaiaqs&__sp=1&__user=0&dpr=1&jazoest=21728&locale=en_US&lsd=slMn6K1E7aAfNUHNJJ5k4O

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/UvFG0JbY3sF.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df799ebc75c7c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff166f6906b0ab0c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1516335185853834&locale=en_US&sdk=joey&show_text=false&width=280
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarynX4nOJe5jFPjNisC

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), xr-spatial-tracking=()
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Mon, 18 Dec 2023 05:32:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: 9NWOgGfct0UkvCmQADuQsJ8wKv1BU2AKFsRCOdGdWk8GYtfq2bjPMemvdKx0ZP9wJigWL5axYEJXrGVhLBf+eA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
access-control-allow-methods: OPTIONS
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
vary: Origin
content-type: text/html; charset="utf-8"
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 750882597067205_0-2757.m4a Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/ Frame CFBC 17 KB
17 KB 279ms
279ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/750882597067205_0-2757.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e7b761a27e196508d1a2b6d84a693949d47619e928464ea2f08f2dd93d9f9a16

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:40 GMT
x-fb-ull-ssbwe-v4: p25:2344072;p50:2344072;p75:2344072
x-fb-ull-ssbwe-v4alt: p25:2344072;p25bis:2344072;p50:2344072
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 17222
x-fb-ull-ssbwe-v3: conservative:605894;mean:605894;aggressive:1603952
x-fb-first-keyframe-offset: 340
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:451592;conservative_median:451592;aggressive:1603952
x-fb-ull-ssbwe-v4scaled: p25:1758054;p50:1758054;p75:2344072
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 57
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:fco2c01:dash-lp-md:0262

GET
H3 200 750882597067205_0-2755.m4v Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-qd-v/ Frame CFBC 39 KB
39 KB 486ms
486ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-qd-v/750882597067205_0-2755.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 59b74c3ffb64fefccf2350519509d1505bbfd6184933c5fd9c85c03720e44f26

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:40 GMT
x-fb-ull-ssbwe-v4: p25:2344072;p50:2344072;p75:2344072
x-fb-ull-ssbwe-v4alt: p25:2344072;p25bis:2344072;p50:2344072
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 40207
x-fb-ull-ssbwe-v3: conservative:606832;mean:606832;aggressive:1603952
x-fb-first-keyframe-offset: 2794
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:487008;conservative_median:487008;aggressive:1603952
x-fb-ull-ssbwe-v4scaled: p25:1758054;p50:1758054;p75:2344072
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 43
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:fco2c01:dash-lp-qd:0404

GET
H3 200 750882597067205.mpd Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/dash-abr3/ Frame CFBC 11 KB
2 KB 383ms
383ms Fetch
application/dash+xml 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/dash-abr3/750882597067205.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfAb-v52mxAYxo7e36xKt-i946WwQwJw5vIeqw4MzMZfnA&oe=65817313
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 8144edf2a14091059fa1b1550be7682fbf3f3b43d4520ad67f98f1e5c95f1906

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:40 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1702877558
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
x-fb-latest-segment-ts: 5594898
alt-svc: h3=":443"; ma=86400
content-length: 1577
x-fb-origin-hit: 1
etag: f8634218e25f557cd3971f5117c07a8a
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
accept-ranges: bytes
timing-allow-origin: *
priority: u=1,i

GET
H3 200 750882597067205_0-2758.m4a Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/ Frame CFBC 18 KB
18 KB 262ms
262ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/750882597067205_0-2758.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2f105dfd3049ca8a18a25122e3caeaa2684487a517810128cb6c84f5846d193d

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:40 GMT
x-fb-ull-ssbwe-v4: p25:2344072;p50:2344072;p75:28371760
x-fb-ull-ssbwe-v4alt: p25:2344072;p25bis:2344072;p50:2344072
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 17967
x-fb-ull-ssbwe-v3: conservative:629176;mean:629176;aggressive:1898984
x-fb-first-keyframe-offset: 370
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:537360;conservative_median:537360;aggressive:1898984
x-fb-ull-ssbwe-v4scaled: p25:1758054;p50:1758054;p75:28371760
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 40
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:fco2c01:dash-lp-md:0774

GET
H3 200 750882597067205_0-2756.m4v Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-qd-v/ Frame CFBC 43 KB
43 KB 264ms
264ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-qd-v/750882597067205_0-2756.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: dfbb4cf2c707536049bb2436a111c475c148e9bf0926d29aa347d842b882892f

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:40 GMT
x-fb-ull-ssbwe-v4: p25:2344072;p50:2344072;p75:28371760
x-fb-ull-ssbwe-v4alt: p25:2344072;p25bis:2344072;p50:2344072
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 44483
x-fb-ull-ssbwe-v3: conservative:643078;mean:643078;aggressive:1898984
x-fb-first-keyframe-offset: 5198
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:574200;conservative_median:574200;aggressive:1898984
x-fb-ull-ssbwe-v4scaled: p25:1758054;p50:1758054;p75:28371760
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 42
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:fco2c01:dash-lp-qd:0896

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 38ms
37ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702877555213&gcd=11l1l1l1l1&dma=0&cid=1704609682.1702877555&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1702877555&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&_s=2&tfd=6101
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 750882597067205_0-2757.m4v Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-qd-v/ Frame CFBC 38 KB
38 KB 263ms
263ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-qd-v/750882597067205_0-2757.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 9d065f9a29f3ae00a80ec8db1fd04ef9f704f90400565cc614cadb86736cf6de

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:41 GMT
x-fb-ull-ssbwe-v4: p25:2344072;p50:11584136;p75:28371760
x-fb-ull-ssbwe-v4alt: p25:2344072;p25bis:2344072;p50:11584136
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 39195
x-fb-ull-ssbwe-v3: conservative:768954;mean:768954;aggressive:1898984
x-fb-first-keyframe-offset: 4032
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:673280;conservative_median:673280;aggressive:1898984
x-fb-ull-ssbwe-v4scaled: p25:1758054;p50:8688102;p75:28371760
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 43
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:fco2c01:dash-lp-qd:1410

GET
H3 200 750882597067205_0-2759.m4a Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/ Frame CFBC 17 KB
17 KB 265ms
265ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/750882597067205_0-2759.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 23f0a1863e07ff5c15fb0012c60de98050e5fee97513941fe806744055519eff

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:41 GMT
x-fb-ull-ssbwe-v4: p25:2344072;p50:11584136;p75:28371760
x-fb-ull-ssbwe-v4alt: p25:2344072;p25bis:2344072;p50:11584136
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 17574
x-fb-ull-ssbwe-v3: conservative:769479;mean:769479;aggressive:1898984
x-fb-first-keyframe-offset: 356
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:673280;conservative_median:673280;aggressive:1898984
x-fb-ull-ssbwe-v4scaled: p25:1758054;p50:8688102;p75:28371760
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 42
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:fco2c01:dash-lp-md:1560

GET
H3 200 750882597067205_0-2758.m4v Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-qd-v/ Frame CFBC 38 KB
38 KB 268ms
268ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-qd-v/750882597067205_0-2758.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6ad5457e747c2c385d94279725227544495fc185c8f3caae98dd7c30c9f4ea53

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:41 GMT
x-fb-ull-ssbwe-v4: p25:2344072;p50:11584136;p75:23909760
x-fb-ull-ssbwe-v4alt: p25:2344072;p25bis:2344072;p50:11584136
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 38638
x-fb-ull-ssbwe-v3: conservative:786662;mean:786662;aggressive:1898984
x-fb-first-keyframe-offset: 3503
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:685728;conservative_median:685728;aggressive:1898984
x-fb-ull-ssbwe-v4scaled: p25:1758054;p50:8688102;p75:23909760
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 46
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:fco2c01:dash-lp-qd:1701

GET
H3 200 750882597067205.mpd Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/dash-abr3/ Frame CFBC 11 KB
2 KB 222ms
222ms Fetch
application/dash+xml 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/dash-abr3/750882597067205.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfAb-v52mxAYxo7e36xKt-i946WwQwJw5vIeqw4MzMZfnA&oe=65817313
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6d0cd37c1532ef095810991d0f54fa48289028821f2602202c38443e5377258e

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:41 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1702877560
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
x-fb-latest-segment-ts: 5597025
alt-svc: h3=":443"; ma=86400
content-length: 1581
x-fb-origin-hit: 1
etag: d444e607de9261154810a3ffeb240b0b
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
accept-ranges: bytes
timing-allow-origin: *
priority: u=1,i

GET
H3 200 750882597067205_0-2760.m4a Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/ Frame CFBC 18 KB
18 KB 265ms
265ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/750882597067205_0-2760.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: c842b7120016a266d97d5568e1071e01e91511ed7b3ffa9c2602fbb3edbedaec

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:42 GMT
x-fb-ull-ssbwe-v4: p25:11208584;p50:11584136;p75:23909760
x-fb-ull-ssbwe-v4alt: p25:11208584;p25bis:11208584;p50:11584136
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 17970
x-fb-ull-ssbwe-v3: conservative:783226;mean:783226;aggressive:1898984
x-fb-first-keyframe-offset: 339
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:716184;conservative_median:716184;aggressive:1898984
x-fb-ull-ssbwe-v4scaled: p25:8406438;p50:8688102;p75:23909760
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 43
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:fco2c01:dash-lp-md:2416

GET
H3 200 750882597067205_0-2759.m4v Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-qd-v/ Frame CFBC 43 KB
43 KB 269ms
268ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-qd-v/750882597067205_0-2759.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: cbc993e523ed6ae192e238da109dabd7725125337b5d04967e9ec978a1f2430b

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:42 GMT
x-fb-ull-ssbwe-v4: p25:11208584;p50:11584136;p75:23909760
x-fb-ull-ssbwe-v4alt: p25:11208584;p25bis:11208584;p50:11584136
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 43654
x-fb-ull-ssbwe-v3: conservative:774993;mean:774993;aggressive:1898984
x-fb-first-keyframe-offset: 3945
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:685728;conservative_median:685728;aggressive:1898984
x-fb-ull-ssbwe-v4scaled: p25:8406438;p50:8688102;p75:23909760
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 46
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:fco2c01:dash-lp-qd:2485

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 88F0 0
0 42ms
42ms Fetch
image/gif 2404:6800:4004:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIkoqrjNJDKeS8m5W2BNDJGUa6kbq-ybFd3DWFbQn3tXe9Ga6XVNW5yuTCmEiQ02DI_Lqjw78snQP6yxJAmhEx2xbqgUIOXtYX-OkANqJoWzuaPQBzEti054yflywXDSjhXL5kcmgaCxrjALZsvrt50z7zdcLtiBYMlGnQNLZnTORQ0wFOlYMjlV2mkdH_I5ZgELByXcm2EDfvoU54IPDBCKxR3YicGsSEYtd6rSo4SYVGRSyKv8DW11sOlBz4H_1C12XQ21LOkCI-QgedU56GwaVxSSiZK8ZXRI8jpREHHmcBwys0tNMR0qU22x6yDWUF7jH96QVF0knHZeL55xRZOYOAkLsf24T-SyoGLkYMQ2xmDeaxN4G3fgdv25a48kez3dNhkPzHOrAJcw&sai=AMfl-YSAQNhJZJN723m-lmDY8NXDZ3IlEWqCJtI6AR5PD2geyQcrZnacY6Ni9sIAsQdEEqNCn4uMSbZ3T4u5DLSW5I9IWEa6_5LycQMcduWqkFrxQAdsJJtF4cy0Re8BATXiDerPCtR2GEvEooZCjifg-5Y&sig=Cg0ArKJSzCVxTVes_WDUEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:811::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 18 Dec 2023 05:32:42 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 54ms
54ms XHR
application/json 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5be7d5fd3ada226b10c41866a6a092a7f980fecc63283e151848225c0ec8f148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12074
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 6A3A 15 KB
6 KB 165ms
165ms Document
text/html 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

6c2fb26a735ec81c19e5078d61251379be634e324f416ca9e679725b318ff913

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: ja-JP

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 05:32:42 GMT
server: Kestrel
server-processing-duration-in-ticks: 983998
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 74ms
74ms Script
text/javascript 2404:6800:4004:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Dec 2023 05:32:42 GMT

GET
H3 200 750882597067205_0-2761.m4a Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/ Frame CFBC 17 KB
17 KB 267ms
267ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/750882597067205_0-2761.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 5c7ab60288a6cdd7666549df0bec15be85c1896d13613e85260037fd87a20948

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:42 GMT
x-fb-ull-ssbwe-v4: p25:11208584;p50:11584136;p75:23909760
x-fb-ull-ssbwe-v4alt: p25:11208584;p25bis:11208584;p50:11584136
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 17444
x-fb-ull-ssbwe-v3: conservative:769646;mean:769646;aggressive:1898984
x-fb-first-keyframe-offset: 332
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:682256;conservative_median:682256;aggressive:1898984
x-fb-ull-ssbwe-v4scaled: p25:8406438;p50:8688102;p75:23909760
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 44
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:fco2c01:dash-lp-md:2687

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 31D6 13 KB
5 KB 2ms
2ms Document
text/html 2404:6800:4004:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 230267
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Dec 2023 13:34:55 GMT
expires: Sat, 14 Dec 2024 13:34:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F346 829 B
560 B 39ms
39ms Document
text/html 2404:6800:4004:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:820::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

222570e06f344e5619da684e0893ffac4dea5f711907913c6f2362a06dce21d3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wPgiAeNjNwGF4UVoFYnUuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-wPgiAeNjNwGF4UVoFYnUuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 18 Dec 2023 05:32:42 GMT
expires: Mon, 18 Dec 2023 05:32:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 31D6 39 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 13:34:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 230266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Dec 2024 13:34:56 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 6A3A
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=pwL4Vl9kJTJGaHNZS3JsQzNqQm8xNFg0TlROa2xJMXFmNjY4eElodnMlMkZlelkyWnlWZXRxM0ltVk1lcn...
https://mug.criteo.com/sid?cpp=EgY4TXxvT3gyaHgzYytZWHhjcTNHSkgzUVhFZzkyT0MwZmt6VCtPMGF0NHR0N2VmQVZES2UzSWFUZFBpNDhsRHp4TGNMNWdHUUFTN0U4UHcyZ3JQbE1iRldBYXpjalpvejByS0txR09BQWQxYzhVa21VdHJsaEJEUVltMz...

428 B
653 B

76ms
76ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=EgY4TXxvT3gyaHgzYytZWHhjcTNHSkgzUVhFZzkyT0MwZmt6VCtPMGF0NHR0N2VmQVZES2UzSWFUZFBpNDhsRHp4TGNMNWdHUUFTN0U4UHcyZ3JQbE1iRldBYXpjalpvejByS0txR09BQWQxYzhVa21VdHJsaEJEUVltMzdpZmoxUENCUUYxZDloR1J2dVBiWTErQy81YXlQWWJmbU5LSHNaQUIxVDZiMGVUdTd1K2UvUFd1V25vTlRwelZGUnI3WUJZejB5Q3RxMnpNMExBODlhdDcwSU4zNmUxY0xHOEF5T2ljTUk5QWl1T0g1N3BUUDJUclhqRzZ0ZWFHY2VjeGhYTVRXaU1QQjVXQVZ6bEhuUklEN1p2SGRSTk94UUtXQWUwTzVnMjBYL2Z6aytBZz18&cppv=2

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

ae383572c5016f8de58f066e7c91f262808be00620e99eb814d0786f76732ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:41 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 929795
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=EgY4TXxvT3gyaHgzYytZWHhjcTNHSkgzUVhFZzkyT0MwZmt6VCtPMGF0NHR0N2VmQVZES2UzSWFUZFBpNDhsRHp4TGNMNWdHUUFTN0U4UHcyZ3JQbE1iRldBYXpjalpvejByS0txR09BQWQxYzhVa21VdHJsaEJEUVltMzdpZmoxUENCUUYxZDloR1J2dVBiWTErQy81YXlQWWJmbU5LSHNaQUIxVDZiMGVUdTd1K2UvUFd1V25vTlRwelZGUnI3WUJZejB5Q3RxMnpNMExBODlhdDcwSU4zNmUxY0xHOEF5T2ljTUk5QWl1T0g1N3BUUDJUclhqRzZ0ZWFHY2VjeGhYTVRXaU1QQjVXQVZ6bEhuUklEN1p2SGRSTk94UUtXQWUwTzVnMjBYL2Z6aytBZz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 289994
content-length: 0
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F346 0
0 38ms
38ms Image
text/html 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=3892538116021409&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 31D6 0
10 B 2ms
2ms Image
text/plain 2404:6800:4004:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zPZbcw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:80f::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 750882597067205_0-2760.m4v Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-qd-v/ Frame CFBC 38 KB
38 KB 489ms
489ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-qd-v/750882597067205_0-2760.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 19789b990f6d6ef5b34c1ab8cf3cb903cd61c6d2a1d6040954e63d669b6c9a94

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:43 GMT
x-fb-ull-ssbwe-v4: p25:11208584;p50:11584136;p75:23909760
x-fb-ull-ssbwe-v4alt: p25:11208584;p25bis:11208584;p50:11584136
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 39219
x-fb-ull-ssbwe-v3: conservative:989003;mean:989003;aggressive:1898984
x-fb-first-keyframe-offset: 4744
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:989003;conservative_median:1091224;aggressive:1898984
x-fb-ull-ssbwe-v4scaled: p25:8406438;p50:8688102;p75:23909760
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 45
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:fco2c01:dash-lp-qd:3003

GET
H3 200 750882597067205_0-2762.m4a Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/ Frame CFBC 18 KB
18 KB 306ms
305ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/750882597067205_0-2762.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 477da0b166c8aece6551c8e7272df8d65b9e654045d0384855db2367dc1eedd9

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:43 GMT
x-fb-ull-ssbwe-v4: p25:11208584;p50:11584136;p75:23909760
x-fb-ull-ssbwe-v4alt: p25:11208584;p25bis:11208584;p50:11584136
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 18158
x-fb-ull-ssbwe-v3: conservative:977021;mean:977021;aggressive:1898984
x-fb-first-keyframe-offset: 357
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:977021;conservative_median:1059040;aggressive:1898984
x-fb-ull-ssbwe-v4scaled: p25:8406438;p50:8688102;p75:23909760
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 45
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:fco2c01:dash-lp-md:3185

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
41ms Image
text/html 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=3892538116021409&bg=!FBelF1jNAAY3kmNgF5I7ADQBe5WfOPIF3pFs9tl5OLjCwlKj4U4otBvCfzkyCUN8KOGhnn2nekNPRbPdb8Ofl9FOfDfXAgAAAF9SAAAAAmgBB5kC3y-MCsY-DKrMf0Cc44nq15f6J04_kf8l1KOR8_sxAuZaKe19WL2MaQseff6i3UFakcAv-QFG4IGSTSOTqow1XvGxx6dPuJbvf_PS8hx4Ndd-iU25k_9wZOWT4O8g5zEG_9EAoH5NfwpSuoNE3EUJ6_Hkf5bZ9drft8vVVLxeSTaY0PyTCtaDkBJ_RyvxWmy7qQxZPkPsCs_QSFoGJg7KD9epBHf9d6L5SFDlNvyJvN2eAsMBiA35ETvP6lV5UScZg0Lm9lCuplgMfPjwUccYml-DkBV8pekwcYJSTsWWmKddlV2PPYcyTQQ1jGE-uBCR87wPfq_sJbqwERdN7EYarE2huKpexIoKeUZb9GHb9zLW7ke892_fjw_LsEXTjHpB1QER753AxCgJriTnC3EQaiIqu6Q2PUTESqCgCzOCAybOwAAgHVLk1ZSIgNI0L-WuRbuaNdN-XiQfaiJUTYboRf5P5-IlcByVO6LGmGyAIgtkRLC6dMCgPCNKX0IPyftVF0GnTWBFaj2wKIvUMSVXw5s8t5qbsoerEHxFaRDkomM4hHlj4E1050kq6G255v2Fp_USFRLmpFRnewVCxuKH05SU9FI0YHy76ouEXtRFG3wk7dOnN9Jsp4Lqv9gEP8ZSNCCdeH-oLf65aBu4LGi5hl1qOHtHMsF5ivOakw1_HKROfK-6lSye2U0XOoEj_1Aa4R8qOJuBAHLyuxR7QxoNz7lfSHDbM9OQJo3hApX0SexogLwJV0CjhjWE-EW5-umEBwcPnTcL55mtklfWRA4donWhrpZ_t_WYD9x79WNJXhUuBzo87e7pSFuvcyWnoZ12-4YOiYrO_FLkmDjzMbXhBuQVahnvbKJarggFtNhUYZjGUidcCl7h_qtikKajxmwKh3zzvqo935J-cpvDq_G5Qo3YMQbCnFsuvYpbyjm_m_oGr0KjYwIYmT3j8DaAcK7ccxE1-Pyn_E0p10znExvGVQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

POST
H3 200 bz Show response
www.facebook.com/ajax/ Frame CFBC 0
116 B 101ms
101ms XHR
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbFp63m1FwAxu13wqovzEcWwMwNwhE4mdwJwyU5C0TUhwem265o3wwobG1ewho24wbG78b87C1xx-8wlU-5E1pEhwGwQw4iwBgao1O82IzU2Xwdq1iwmE2exu16wa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19709.BP%3Aplugin_video_pkg.2.0..0.0&__hsi=7313803417183899643&__req=6&__rev=1010473700&__s=%3A%3Amaiaqs&__sp=1&__user=0&dpr=1&jazoest=21728&locale=en_US&lsd=slMn6K1E7aAfNUHNJJ5k4O

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yT/r/UvFG0JbY3sF.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df799ebc75c7c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff166f6906b0ab0c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1516335185853834&locale=en_US&sdk=joey&show_text=false&width=280
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryxE8KSupnyrcKwHIn

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), xr-spatial-tracking=()
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Mon, 18 Dec 2023 05:32:43 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: v1hLS07XLha6qWK7cFkZp+vmNLCPzBrBuDxxCTfIjVdNh7JLqYMac+7szX2JgsIX7yDHoMxlaqzrYbASeVme7g==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
access-control-allow-methods: OPTIONS
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
vary: Origin
content-type: text/html; charset="utf-8"
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 750882597067205.mpd Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/dash-abr3/ Frame CFBC 11 KB
2 KB 562ms
562ms Fetch
application/dash+xml 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/dash-abr3/750882597067205.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfAb-v52mxAYxo7e36xKt-i946WwQwJw5vIeqw4MzMZfnA&oe=65817313
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 257e31e6f5dcf4b5a251f47ded5a7f169273b383b7b3392949d6662188fa4c19

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:43 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1702877562
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
x-fb-latest-segment-ts: 5599145
alt-svc: h3=":443"; ma=86400
content-length: 1573
x-fb-origin-hit: 1
etag: f9d30a072cfd1fb7c4226325dabeffa4
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
x-fb-edge-debug: XB4F2putUlAVkKNnuhloynhDmecAVhg_r5zrkVsSPxP0MNznkboL-tWnqdbYgTQjq2r37He6ZE2afIQenOy-u7AeyHG-Rz8QTGWjh_5gDjs4uWXSt1oLoVSNopppAJe3
accept-ranges: bytes
timing-allow-origin: *
priority: u=1,i

GET
H3 200 750882597067205_0-2763.m4a Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/ Frame CFBC 16 KB
16 KB 489ms
488ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/750882597067205_0-2763.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: fa3a5f90de51ab1756dc57bc1eed15cea0c7c99c6c85e00b09455d1ca0157373

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:43 GMT
x-fb-ull-ssbwe-v4: p25:2344072;p50:11584136;p75:23909760
x-fb-ull-ssbwe-v4alt: p25:2344072;p25bis:2344072;p50:11584136
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 16828
x-fb-ull-ssbwe-v3: conservative:1000365;mean:1000365;aggressive:1878440
x-fb-first-keyframe-offset: 333
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:1000365;conservative_median:1062472;aggressive:1878440
x-fb-ull-ssbwe-v4scaled: p25:1758054;p50:8688102;p75:23909760
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 45
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:fco2c01:dash-lp-md:3495

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 88F0 42 B
64 B 42ms
41ms Fetch
image/gif 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstU-Xz3keZpUEOV706k47zgJOcITSxpQgvVCIJTniaE4twTzd_o2GGY_F2-H4CXO2EZbbqoeLk_VY6kjwU7VyuIYBfu5ngN0JSYwI9bgQzJn130U9Ie5l-j1RHsA8hFpz2_va-E9Rd8wU2H2jXfHbANuJD3&sig=Cg0ArKJSzI7VJ6ks9TBQEAE&id=lidar2&mcvt=1000&p=108,625,362,925&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=3242553145&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702877556071&rpt=6335&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Dec 2023 05:32:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 750882597067205_0-2761.m4v
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-qd-v/ Frame CFBC 8 KB
0 344ms
344ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-qd-v/750882597067205_0-2761.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:43 GMT
x-fb-ull-ssbwe-v4: p25:2344072;p50:11584136;p75:23909760
x-fb-ull-ssbwe-v4alt: p25:2344072;p25bis:2344072;p50:11584136
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 42486
x-fb-ull-ssbwe-v3: conservative:985095;mean:985095;aggressive:1878440
x-fb-first-keyframe-offset: 5889
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:985095;conservative_median:1024632;aggressive:1878440
x-fb-ull-ssbwe-v4scaled: p25:1758054;p50:8688102;p75:23909760
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 44
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:fco2c01:dash-lp-qd:3638

GET
H3 200 750882597067205_0-2764.m4a Show response
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/ Frame CFBC 17 KB
17 KB 263ms
263ms Fetch
video/mp4 2a03:2880:f06f:1:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/750882597067205_0-2764.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/9NTUPK_dvJM.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f06f:1:face:b00c:0:1823 Rome, Italy, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 97bddb1c684626d362d0a2a77e5a5d54406215ae2c08f5cddd1ceb7d3f6bbe6a

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Mon, 18 Dec 2023 05:32:43 GMT
x-fb-ull-ssbwe-v4: p25:2344072;p50:11584136;p75:14896448
x-fb-ull-ssbwe-v4alt: p25:2344072;p25bis:2344072;p50:11584136
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 17410
x-fb-ull-ssbwe-v3: conservative:959452;mean:959452;aggressive:1878440
x-fb-first-keyframe-offset: 397
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:959452;conservative_median:1008200;aggressive:1878440
x-fb-ull-ssbwe-v4scaled: p25:1758054;p50:8688102;p75:14896448
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 40
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:fco2c01:dash-lp-md:3989

GET 750882597067205_0-2765.m4a
video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/ Frame CFBC 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: scontent-fco2-1.xx.fbcdn.net
URL: https://scontent-fco2-1.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=081abc&_nc_ohc=vkbkAUPILKsAX8jV9HR&_nc_ht=scontent-fco2-1.xx&edm=ADwHzz8EAAAA&oh=00_AfBfc9xjPk41I4JIoyBgKyjoPXYtZfpTUGXRLsf-mGvybQ&oe=65856305

Domain: scontent-fco2-1.xx.fbcdn.net
URL: https://scontent-fco2-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=4da83f&_nc_ohc=tojBZuEeStwAX_SPyKD&_nc_ht=scontent-fco2-1.xx&edm=ADwHzz8EAAAA&oh=00_AfCjIMpeB9kz0ekCflpvSwhGtfbN6gSiwiJCoGRrgnKuhw&oe=65842295

Domain: www.facebook.com
URL: https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2FgaOWLp%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19709.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1010473700&__s=%3A%3A0ou5bt&__hsi=7313803408350935189&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__csr=&__sp=1

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Domain: www.facebook.com
URL: https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19709.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7313803408350935189&__req=4&__rev=1010473700&__s=%3A%3A0ou5bt&__sp=1&__user=0&dpr=1&jazoest=21805&lsd=4-IdoDFRhmnWyYaFy5I-8E

Domain: ttd-cm.tagtoo.com.tw
URL: https://ttd-cm.tagtoo.com.tw/prn/uidm/?tuid=55852073d5705fa3696b65e2de4b5dae&pid=1008&puid=676d562047e6f33af4c1702845156169&

Domain: video-fco2-1.xx.fbcdn.net
URL: https://video-fco2-1.xx.fbcdn.net/hvideo-odn-cln/_nc_cat-111/_nc_sr_t-4/v/rAScgnyVfV9ZqN_iFqy5m2jHzcYsfFtN9o_qZTF962y8q-A/_nc_ohc-RqGJjtbv4jkAX8Zqt8b/live-dash/ID/dash-lp-md-a/750882597067205_0-2765.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1

Verdicts & Comments Add Verdict or Comment

167 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

47 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.reurl.cc/	1970-01-20 19:10:53	Name: _fbp Value: fb.1.1702877555290.769777157
.reurl.cc/	1970-01-20 17:02:43	Name: _gid Value: GA1.2.589796479.1702877555
.reurl.cc/	1970-01-20 17:01:17	Name: _gat Value: 1
.reurl.cc/	1970-01-21 02:37:17	Name: _ga Value: GA1.1.1704609682.1702877555
.prnasia.com/	1970-01-20 17:01:19	Name: __cf_bm Value: N5WPahDKaGD33iWSxLgmOuN4s4WBCtEU0ezgEVy7rFs-1702877555-1-ARHFJx3637lTkronNCGUG9z2pUGhYPTwgx8qfPppPVi6Lxs58j7qATbI5HvT0WO10uuYRpZffisI5L16WOJy5zk=
.openx.net/	1970-01-21 01:46:53	Name: i Value: 5de9813f-cae0-49fe-8c35-5f4a15f0ea2b\|1702877555
.crwdcntrl.net/	1970-01-20 23:30:04	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 23:30:04	Name: _cc_id Value: 614dd8011e574ef924600bb61967fc91
.reurl.cc/	1970-01-20 23:30:05	Name: _cc_id Value: 614dd8011e574ef924600bb61967fc91
.reurl.cc/	1970-01-20 17:02:43	Name: panoramaId_expiry Value: 1702963955822
.openx.net/	1970-01-20 17:22:53	Name: pd Value: v2\|1702877555\|jElYiuvOhI
.reurl.cc/	1970-01-21 02:22:53	Name: __gads Value: ID=3b31c97f0ee1ee77:T=1702877555:RT=1702877555:S=ALNI_MbmGRwkkNr3wgK0L5XJXPUfcq39Og
.reurl.cc/	1970-01-21 02:22:53	Name: __gpi Value: UID=00000cb35bcbb98d:T=1702877555:RT=1702877555:S=ALNI_MaUBRKRO0aeSRDW6hKJQZSei5Yh2g
.adsrvr.org/	1970-01-21 01:48:19	Name: TDID Value: 35479725-ccea-4f91-9ed3-a6e077a71f44
.socdm.com/	1970-01-21 02:37:17	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNzAyODc3NTU2fQ
.ladsp.com/	1970-01-20 17:01:21	Name: cr Value: 1
.adsrvr.org/	1970-01-21 01:48:19	Name: TDCPM Value: CAEYBSABKAIyCwiIldOQr-W_PBAFOAE.
.ladsp.com/	1970-01-21 02:37:17	Name: smn_uid Value: bO_mZ-3qvbfzgLz6TstOBBA-NbicEhU
.ladsp.com/	1970-01-21 02:37:17	Name: lum Value: CNjapdvHMRIFCAMQ0AU
.reurl.cc/	1970-01-21 02:37:17	Name: _ga_N394QBRGC0 Value: GS1.1.1702877555.1.0.1702877556.59.0.0
.doubleclick.net/	1970-01-21 02:37:17	Name: IDE Value: AHWqTUmt_fSC3xK0uLjRVWlV9xvm7NJaD6baZz-isL26900PJO6_KT-6bYMYPmth4Wo
.openx.net/	1970-01-20 17:22:53	Name: univ_id Value: 537072971\|35479725-ccea-4f91-9ed3-a6e077a71f44\|1702877556102313
.reurl.cc/	1970-01-21 01:46:53	Name: _ss_pp_id Value: 676d562047e6f33af4c1702845156169
.holmesmind.com/	1970-01-20 17:02:43	Name: fcm Value: 1
.reurl.cc/	1970-01-20 17:44:29	Name: ISMD5VERSION Value: 1
.popin.cc/	1970-01-21 01:46:53	Name: uid Value: 676d562047e6f33af4c1702845156169
.in.treasuredata.com/	1970-01-21 02:37:17	Name: _td_global Value: 6a99d13d-e66e-46b3-a0d6-40cf739487ff
.reurl.cc/	1970-01-20 17:44:29	Name: CFFPCKUUID Value: 4133-MG25G93Sv6OY61qOZgtZ1LYzLTVfPQuM
.reurl.cc/	1970-01-20 17:44:29	Name: CFFPCKUUIDMAIN Value: 4898-Nj9wJGmsnQ1E2Ndxn4bGf2z8A7QLIa9b
.reurl.cc/	1970-01-20 17:44:29	Name: FPUUID Value: 4898-743eae0bb1f9d71daf6f48afba1ad897
.c.appier.net/	1970-01-21 01:48:19	Name: _auid Value: skkpYvPRBsKx2grVdNl_ZQ
.doubleclick.net/	1970-01-20 17:01:21	Name: DSID Value: NO_DATA
.hinet.net/	1970-01-21 02:37:17	Name: uuid Value: deb1daf6-d32d-4826-aecc-d52b6f5b2ac1
.criteo.com/	1970-01-21 02:22:53	Name: uid Value: cbc74e0b-e0df-4be5-88c5-5233a7408960
.criteo.com/	1970-01-21 02:22:53	Name: receive-cookie-deprecation Value: 1
.lndata.com/	1970-01-21 01:47:22	Name: admckid Value: 2312181332361605139
.reurl.cc/	1970-01-21 01:46:53	Name: __htid Value: deb1daf6-d32d-4826-aecc-d52b6f5b2ac1
.reurl.cc/	1970-01-20 17:01:21	Name: _ht_em Value: 1
.googleadservices.com/	1970-01-20 19:10:53	Name: ar_debug Value: 1
.holmesmind.com/	1970-01-21 02:37:17	Name: P Value: 130220-ZU4757dDkNyXtSeVkDYmzZmrk8NliXcH
.holmesmind.com/	1970-01-20 17:22:24	Name: Vision Value: 20231218-23:59,20231218-16,20231218-16,20231218-23:59
.holmesmind.com/	1970-01-20 17:22:24	Name: C Value: null
.holmesmind.com/	1970-01-20 19:26:15	Name: RK Value: null
.reurl.cc/	1970-01-21 02:37:17	Name: _td Value: cff76b5a-3a9e-4be2-980d-4d339adc53b3
.popin.cc/	1970-01-21 01:46:53	Name: __mguid_ Value: f5ef61ca9a877bb82i3twi00lqahbwlj
.reurl.cc/	1970-01-20 18:28:13	Name: truvid_protected Value: {"val":"f","level":0,"geo":"JP","timestamp":1702877558}
.reurl.cc/	1970-01-21 02:22:53	Name: cto_bundle Value: tqiEEV9kJTJGaHNZS3JsQzNqQm8xNFg0TlROa3B6YmNlWnlpV21DUUVlZkJ3RlVrR3VjZzUyQzRhajZGS3ltTkE1WiUyRkVDS2Rzc2xqanpkY3M5ekV3YW9YSkpoMktzbGRlY1ZYZk5HTyUyRlRNeDRlMm1veUg4dGtnbUhQVGRUdWl5UHlkOHhWT1JLVnU3UFhaT2lvN0p0eUhBSWkwQ0ElM0QlM0Q

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
network	error	URL: https://fcm.holmesmind.com/cm.php Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa56df6cacf4b5b1a4a93c20f6ab0d9b.safeframe.googlesyndication.com
ad.holmesmind.com
ad.tagtoo.co
ad2.apx.appier.net
analytics.google.com
anymind360.com
api.popin.cc
asset.re-news.tw
bcp.crwdcntrl.net
bidder.criteo.com
blog.alphaloan.co
c.holmesmind.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.holmesmind.com
cdn.jsdelivr.net
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cm.lndata.com
cnt.trvdp.com
connect.facebook.net
cr-p3.ladsp.com
creditcards.com.tw
deb1daf6-d32d-4826-aecc-d52b6f5b2ac1.t.ssp.hinet.net
ecs.tagtoo.co
event.tagtoo.co
fcm.holmesmind.com
fcm2.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
go.trvdp.com
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
imageaws.popin.cc
img.gbyhn.com.tw
img.racingcharger.tw
in.treasuredata.com
inrecsys.popin.cc
invstatic101.creativecdn.com
jp-u.openx.net
log.popin.cc
m.holmesmind.com
match.adsrvr.org
mma.prnasia.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
prebid-asia.creativecdn.com
prebid.scupio.com
r.popin.cc
re-news.tw
reurl.cc
rt.ad-score.com
s.trvdp.com
scontent-fco2-1.xx.fbcdn.net
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
stg.truvidplayer.com
storage.re-news.tw
storage.reurl.cc
t.ssp.hinet.net
tags.crwdcntrl.net
tg.socdm.com
tpc.googlesyndication.com
trace.popin.cc
ttd-cm.tagtoo.com.tw
tw.popin.cc
uec.tagtoo.co
us-u.openx.net
video-fco2-1.xx.fbcdn.net
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.rayskyinvest.com
scontent-fco2-1.xx.fbcdn.net
ttd-cm.tagtoo.com.tw
video-fco2-1.xx.fbcdn.net
www.facebook.com
103.132.192.30
104.18.35.167
116.50.36.71
119.63.193.220
119.63.197.136
119.63.198.143
119.63.198.180
119.63.198.188
119.63.198.189
124.146.153.162
13.32.50.110
13.35.49.117
142.250.196.98
142.251.222.2
143.204.86.129
151.101.1.55
172.104.70.67
18.136.163.161
18.172.52.51
18.182.103.101
182.161.74.11
192.0.78.187
192.0.78.24
2001:4860:4802:34::178
2001:4860:4802:36::181
203.75.214.136
210.59.219.34
2404:6800:4004:80c::2002
2404:6800:4004:80f::2001
2404:6800:4004:811::2002
2404:6800:4004:812::2002
2404:6800:4004:813::2001
2404:6800:4004:81c::2001
2404:6800:4004:820::2004
2404:6800:4004:822::2003
2404:6800:4004:824::2008
2404:6800:4004:824::200a
2404:6800:4004:826::2002
2404:6800:4004:826::2003
2404:6800:4008:c13::9c
2406:2600:4::1
2406:2600:4::12
2406:2600:4::b
2600:9000:20c4:6000:1e:5c56:d400:93a1
2600:9000:20e4:5c00:0:e06c:e940:93a1
2606:4700:3034::6815:6009
2606:4700::6811:eec2
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f06f:0:face:b00c:0:3
2a03:2880:f06f:1:face:b00c:0:1823
2a03:2880:f10f:83:face:b00c:0:25de
2a04:4e42:400::485
3.113.117.180
3.160.119.38
34.102.146.192
34.102.218.41
34.107.150.21
34.111.12.34
34.117.23.234
34.120.135.53
34.149.98.30
34.95.67.231
34.96.70.87
34.96.83.10
34.98.64.218
35.185.130.121
35.185.136.122
35.190.31.54
35.190.36.98
35.201.76.93
35.208.216.174
35.213.89.133
35.227.249.156
35.244.196.223
52.193.138.211
52.197.157.219
52.223.40.198
61.216.47.122
99.84.133.14
01a33f0ff59e28cd463d425548a593e150506f7f0d1c958403bae903f5e8e2e9
057c2344e0b50b00e1c724d669039ec2dcecc2bef96306e592d6796e79a427e1
05cab1d78cce8922cfc4b520eece4d1683d78f824894060dba4174c152f44d89
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1c5653f9b6761b304fd2c8d00c742b1716a952495570da5d4a7fa391a3c52a
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2
0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
19789b990f6d6ef5b34c1ab8cf3cb903cd61c6d2a1d6040954e63d669b6c9a94
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1ba731fa9f8276454a29bbb9afbf4595fa066f08935a762beceecc4749f90d5b
1cdfea8482ec87dbfecfc0b3914b3e9d90e2c32f7f601261cc79369092894312
1f03351dce6d90ef1d3d3a9a804171bd18f8e12df5715183143832f68f10415e
208cd6c1ec51a2737c544e3da4166eb917333e9dd588841e599143f7f083de85
219ce50e75e1de2a6e4faba77f3d2bb962c6357c3ce5d3da11f364b1ff93ef1b
222570e06f344e5619da684e0893ffac4dea5f711907913c6f2362a06dce21d3
23f0a1863e07ff5c15fb0012c60de98050e5fee97513941fe806744055519eff
2449912fd1c17116b0e83a0e75f63cdb99c921e4972ea58eaad49e9e9f048337
257e31e6f5dcf4b5a251f47ded5a7f169273b383b7b3392949d6662188fa4c19
264a0a28c23da253d460c72e9b7ff9e297a4e02ea590c5d20a1f0fa77bc9aadd
2650f0bf9347561322354447171981c0a052401f826695fec1281e29fa16c840
2736987e98de6fc58654107cbf827e6dee07c75ca0814b7638ce694b30ec26d3
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2c78537370db283e881520b103a2f8198613f89d54eaa13dd566137d029c8fc5
2d791b1dc3c3487ce531855f8bf186fec81cd534fc53f738f9128df3284a1dbd
2eab2b7adfd71b5cf3fe3747f993d26520691d544bb7fc4338dc049b4f0d1c2c
2f105dfd3049ca8a18a25122e3caeaa2684487a517810128cb6c84f5846d193d
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
305e5ee74b4f4ab99fd3696506c89d761bbee5fe0a62ecfa595fb7c2b82bfe8e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30
3271eecca15405b948944596894209cfc44ced3b8e5e840a5cd6d01b1a31d5ef
32b55dda4206f7b00cd8ac1a899b3285755be0d7a402c3a7061b9773931cf708
353b802475ea4a2e76926cdf15dfc6363c09126b127e253ca8806120ff5fe85b
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
372e3a6ccf4db838ce71fc2958e7243c2fc00f939e6727d32810581cf5fee54a
37780735fdee3a818e05f9ca0d1aa2f435cecfee120db7065ce489efc2673e2a
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3a4fda7b449ddfa3b11ceb4c715c4c2f042e2cc1949701deb1fb8098d02b9b47
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3bee7ba056f5c932c33bc388aa4e7f9275e1b07d11cd6aae039dd274d2c99594
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
40aed79d831ca199fbcea81abba4f9010006a8e1d28e1031b3b4d6e98a832db0
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4213eb89ec58028238b025133974c6b52940606a347dec040f6de37193438cd3
4363914e61f20712ceaea8f4ff19886411a92c0636c34320dda02e22cf2bd41f
4372a9b8ce26d68f5c9a53975683bc05d3df25cf5a2e0177569f58258b6be160
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
45445cdb742ba713feadbb749a2328f90698cc052372bb736682afcb5e7c6345
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
477da0b166c8aece6551c8e7272df8d65b9e654045d0384855db2367dc1eedd9
484e2e4d30e5978b75cfd54b28412aff56940d0936029a5b476258c908aa7167
4b0d105254d128c213222b1622a49b34a17835b5b9ab56dfd8264cb15855d688
4cff4212145b681f769f38c90dcef6433f17863f418f00c2881fe547cd86c4c8
4d5814d56998e79b1e45795f1f23c9d73c5174109bfed2c57bd42102e6f415f2
4d6ab43adeab6b719e914094b0be273cd1269de2163db381faaf082b7020313a
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
514ba16fab9edb92239356c5f17c251adee88a76a533408c96bb5b5f0cc4e264
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54a08a99030869bed0728f75459470e1ccda7bbecb8189f2ff52b6da0c1d7ea9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5759a717b640782fc167a11651bbc63579dc65555ba559965caefecfd0b9d03d
5902e6bdf3a3663195d0adce8d18459c21395c665c760f6c87d0b7102a37d701
59b74c3ffb64fefccf2350519509d1505bbfd6184933c5fd9c85c03720e44f26
5b1d2b4001d65b0ac9cd1fae8bd5e6616cf30e71c1d5e0e0db3fc0a85b6b8140
5be7d5fd3ada226b10c41866a6a092a7f980fecc63283e151848225c0ec8f148
5c7ab60288a6cdd7666549df0bec15be85c1896d13613e85260037fd87a20948
5d4032bbf60c54eddf26d74e96fe3bbe5789ba9ffa00964f6252461138964825
5eae4627038267dcd72386b5ec02a8ec6a780fa3ed9e9b4b5320145773f64ab6
5f170477597d1e3c8d780789ece124ec1f6df29aa5efe45102401af3b660030f
5f8de7cee98aac8df37124af2410ddfc2666f8a7726c23fc9133e5dbc39e9110
600c612f4248fc7e273b43e22c1d0bec2cc7ac798548e3e4c569f463f2dc919e
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
618ab940b496abecf63177b5fc1c0b45efa9de6fc899bde4077ed1eef9843067
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
650c5f605c2706575823936c7fa0ee6026089b324d5fcd2d873b96d40f5307e6
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
66612ef55fe31efc360ff2955105c099cc366108e0d69246f98913273638d5a7
669f1bd492f3e253163afa6786b377ce0026c5ae959c90ffcbc3a81c867dd738
67532efb1d983bae516a01d0cd2aaa8e3180e9db0c1bc818e36f65e9bacbe3e7
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e
67ed3d5b419996e73e4b8d36ab9fc6d49cfcd32e459c2102012f0a14da60214d
698fe0a6500f771d98d1ca713a5445d523fac649207572b69123699702854c0b
6ad5457e747c2c385d94279725227544495fc185c8f3caae98dd7c30c9f4ea53
6c2fb26a735ec81c19e5078d61251379be634e324f416ca9e679725b318ff913
6c32f431eb95abb07ba006254d697d9ac347ad016ae53d764bc6c30f74312339
6d0cd37c1532ef095810991d0f54fa48289028821f2602202c38443e5377258e
6d1a269f3d581bea1047e7c4b220c25bb99e9a260cb8d199989895c6cc80721b
6dccab3bc4297c9ae3cb1441e1f7b392ca6ab0cadb44ac445fe5b3c5711be799
6eafd5ec6725e90f6b921677cd3a321fb46813d8252eef1a9858c453a648b0c4
6f41f6fec89f59770abb2f36009d7539462b12a7b668bb5a263804876b437f15
7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507
72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84
73cd887838e31624c8094246f51f8a5fdbae518eed42150ecb1c3e8192977297
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
7490c495bc701b5f3c822f76f18d9f9842e4c3578b4c8e74937ce49a1ca75546
75b1edbd1699fd19dc0831928df8e391a97d42ff9c8e32e73d942943407294c7
763deff7b08a3986605affd1cfc0330ce63a88eb76964e57ff4aa37cb6c16d9e
76a3a3d32ada8fa2670cfed44a4369ecbb3a9b5a9d0c9a3e433662e9e2704e60
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
8144edf2a14091059fa1b1550be7682fbf3f3b43d4520ad67f98f1e5c95f1906
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e80159fc0f0e914229e9916e1c85cb59b2a6af77d53d6b528bf464ef9aeb3b
8669a7a9bcc5559033b145d090ffa93590b711bf68dba036b818ed3584ee516b
86b9acc4886fa0b7401e4c233cb668fa6eee7287f7778e77c8c1b98e8f77d2ce
879aa623313c8e434ee5dedd776e9928738fd4bd34b1b8d6256ec62cff6b3d38
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
8b58ff2331975a9f1e2ee2aebed2a9926ce3f395157d71d278ca304ff144be6f
8b9334d3e4b19d2536c0822f0f208bb724d0b3ae8ed74d6236e90818f1039d7e
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8da452887edee97bc6bafb28dc684778e09a6136c47f5832d72b1a0e3d7daf59
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e
8fff025680eb6e87d0e77310f4275d22d16a4ce751e9c65aacf2f6c22d765f12
900acf956ee86f67f38d161886f8aedb1ce8dc2d51379f4fa50c359905515809
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
927ff4d5d675f1e306c5945678dfb739e6cde892628b2992de973ed09566d237
940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b
94ad19ef3ee83b4f3fbc3dc8c909d8c8fdfd041f33544e73de2e42d5af386eca
94d523edd701a50db76faf479f4e32f007cbd97ade5339313f1e5a1ef5b35a85
9638ea615b35a0294609caee49d3557013bf6383ca1279e52f0a4ff8d6366a38
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
97bddb1c684626d362d0a2a77e5a5d54406215ae2c08f5cddd1ceb7d3f6bbe6a
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9cdc3ce1b98380a4999530dc834a880dc74a7843e67cf92f5262ab6b03cc117d
9d065f9a29f3ae00a80ec8db1fd04ef9f704f90400565cc614cadb86736cf6de
9d5497521bfc84947a23dd5687f8629f34ce7d1dd3d37cc83d9c6f14d2af0cb0
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a20765e5d4a6ad2eb6b870d966a04fd6ac94765e2b6b7b93fe9af13b3e975cda
a2a214081e1f3ea56cc068ad53949224dc0bf812231321efbad123cd56e60a2a
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a41a4c92e8300e09546dce94d4523c851ea9f20a9a8535949c42c9c72a2756f0
a58a1ad132f9f6b359f0f52e7a9694db949d8b4d9cd0f1f1c2cd746294cd41c0
a860177d5df14278387df3bb346dad1fcc8b4cb5cb7cb890a184cbba3caabc46
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
acb7f348911d4315abd63bf31ceb92b197a7f6716794d71607aeea4a28d9f0ba
ae383572c5016f8de58f066e7c91f262808be00620e99eb814d0786f76732ce1
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af8e109b70edc18a51287def8c671a89514ecad3ad8b637bb4c400c0b6dc5092
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22620fc4d630726cb3f47fac6ade45801e71c9d90dc6ab148e51dbcc910944e
b3a7346cae0525400bb6539496990f7de2ee33862cb6e38fd82f0e463d367e1a
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b6fe6101ff12f786ff956ba29a5b1d1e3264c7769ffceb85d733b4c7986e6b95
b78c80a9e96f9d67b611f6835b034a15c3fbc828be38f1b9e0e0407315d89deb
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22
bb24505f8583fd1494a1ad4708fbe077cddeba45275b8ba55a37f28bca63ec92
bca7ee31fc622c935a1ba3d3d012111f3aab926dc898ed011513fc7a9145f90e
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c080f221f569b8a4b7208f300af13ae9fd982454b06a9e4e2e66c79b81a53cdf
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821
c3521ababf7c02017061357a6935c48edd271c70586b05a556e3de6eb378f383
c55318da1b9fcd6c0ae6f60aec23328dd22b14ebeb49f3a6d3daf790c70883c9
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c73f2b03af16458ad905f45a098d8861ec7b0a2480387a59195b4465aca25d02
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
c842b7120016a266d97d5568e1071e01e91511ed7b3ffa9c2602fbb3edbedaec
c9bf88d0671d2785fda04b7cd56f96cae892990e5369e2b64e8592da49ade7ad
cbc993e523ed6ae192e238da109dabd7725125337b5d04967e9ec978a1f2430b
ce14a6ab18f4c70c73a91e37a9a7ff7bb009a33ce5041186e9788efe7eac9298
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda
d1abe31a63ea69ba668691d6bf5853ad2b3dc5c6ebfb44d4c79c2ab53146d572
d20139c9138e849d5f5935bcc482be2b21e43ae116ff4950ed4e5c89dba0184b
d24d9634bcd72da32ce4b3650b61844a3ee6ff78a7f5d2885a14c4e3319858d3
d2d78e9a943e5ae7be397f715b5df5a36481633611524ba210ca1016a88cad86
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265
d9da3eacecebe20c6c7e8d62b7a2fb3b2993d79f565fe819ce92fe8444ddf9e1
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfbb4cf2c707536049bb2436a111c475c148e9bf0926d29aa347d842b882892f
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b51c49d428fa8463f46232048c405279e9ef08761bec2d8ca652a5b6f8ca20
e5f4a0eac3261dcf6ea9d5d8dc3ea92dfaf5a3150da16c34fbe40c1376c2bfc0
e68718c41ef1c23f1640623633d26706d9cc4cf198c72be002c8594f9f9efcac
e7b761a27e196508d1a2b6d84a693949d47619e928464ea2f08f2dd93d9f9a16
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990
ea6402bc80748ff4b15d2e9ebf10487c3189ef6b0562c8d2f0873ddefe96ff15
ea76b764cc79e34aacb5473f624f54f6da49da1d10b00cb931075a6bd0d38c32
eb0110be59431fd3c8942faca7ee241aef70ddc66cc3316b645cc8ae6ca2b70a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06b5c10883898ed28744cdf1873ec8de681a0f211f8d24339dc3297fdd8562b
f2415a5fbb844b1c2fdf48ce0bb9dfa2694a153695ca753dc5f84170b334041b
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b
f4cc408ad19140cf0e8b2b0a4bc3bed7c2ab33de2622eef73d5c9afb586ea04a
f6c1aa49a5666d3e6e3998ef14751062a401fb45323d3a80d7bb0afecf0b0872
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f7b2294c8a106daf035e283f661f1009c2474083de4afebc3f4d9f253bb5793e
f8819afccbc669fd15a638e862f3f54c79ead74cb4a457eea034ee4bdba9792d
f8b1888e480bff938d05607c064b5bb0fc3832671bffba92ba0efaba03138553
fa3a5f90de51ab1756dc57bc1eed15cea0c7c99c6c85e00b09455d1ca0157373
fd4143155d1e1deff187f0c29ac40fd4051c74a647905cdb702f85a7cff2d4a2
fe2cb72bd6658d10312459c6c5b2be6847b99b76bec706079adae9ba92b8ac87
fe5aec7794493f6a6be25e6641722624d2211a009c3e6c2c81cd3808d20e9de4

reurl.cc Open in urlscan Pro 35.185.130.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

306 Requests

93 %HTTPS

34 %IPv6

47 Domains

85 Subdomains

76 IPs

7 Countries

7061 kBTransfer

17931 kBSize

47 Cookies

21 Outgoing links

Redirected requests

306 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Screenshot
Live screenshot

Full Image

306
Requests

93 %
HTTPS

34 %
IPv6

47
Domains

85
Subdomains

76
IPs

7
Countries

7061 kB
Transfer

17931 kB
Size

47
Cookies

306 HTTP transactions
7 data transactions