reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://reurl.cc/gaOWLp
Submission Tags: gc
Submission: On December 09 via api (December 9th 2023, 5:12:31 am UTC) from JP — Scanned from JP

Summary HTTP 392 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 73 IPs in 5 countries across 54 domains to perform 392 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 116978.
TLS certificate: Issued by R3 on November 18th 2023. Valid for: 3 months.

This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	35.185.130.121 35.185.130.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
5	34.149.98.30 34.149.98.30	15169 (GOOGLE) (GOOGLE)
1	151.101.65.55 151.101.65.55	54113 (FASTLY) (FASTLY)
1	2404:6800:400... 2404:6800:4004:81e::2008	15169 (GOOGLE) (GOOGLE)
1 16	2404:6800:400... 2404:6800:4004:821::2002	15169 (GOOGLE) (GOOGLE)
12	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.244.196.223 35.244.196.223	15169 (GOOGLE) (GOOGLE)
58	2a03:2880:f00... 2a03:2880:f00f:104:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	2404:6800:400... 2404:6800:4004:80b::200e	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4008:c19::9c	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4004:828::2003	15169 (GOOGLE) (GOOGLE)
4	2406:2600:4::1 2406:2600:4::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	172.64.152.89 172.64.152.89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.65.185.16 18.65.185.16	16509 (AMAZON-02) (AMAZON-02)
5	2404:6800:400... 2404:6800:4004:822::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 4	2404:6800:400... 2404:6800:4004:821::2004	15169 (GOOGLE) (GOOGLE)
1	34.117.23.234 34.117.23.234	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:303... 2606:4700:3034::ac43:961f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:efc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	61.216.47.122 61.216.47.122	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	192.0.78.24 192.0.78.24	2635 (AUTOMATTIC) (AUTOMATTIC)
1	34.160.17.71 34.160.17.71	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20c... 2600:9000:20c4:2c00:1e:5c56:d400:93a1	16509 (AMAZON-02) (AMAZON-02)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.78.187 192.0.78.187	2635 (AUTOMATTIC) (AUTOMATTIC)
1	52.74.150.191 52.74.150.191	16509 (AMAZON-02) (AMAZON-02)
1 7	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.172.52.51 18.172.52.51	16509 (AMAZON-02) (AMAZON-02)
9	2404:6800:400... 2404:6800:4004:825::2002	15169 (GOOGLE) (GOOGLE)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	124.146.153.166 124.146.153.166	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
3 3	99.84.133.75 99.84.133.75	16509 (AMAZON-02) (AMAZON-02)
7 18	142.251.42.130 142.251.42.130	15169 (GOOGLE) (GOOGLE)
2 4	2406:2600:4::b 2406:2600:4::b	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
4	2404:6800:400... 2404:6800:4004:826::2002	15169 (GOOGLE) (GOOGLE)
12	2404:6800:400... 2404:6800:4004:825::2006	15169 (GOOGLE) (GOOGLE)
33	2404:6800:400... 2404:6800:4004:81c::2002	15169 (GOOGLE) (GOOGLE)
25	2404:6800:400... 2404:6800:4004:826::2001	15169 (GOOGLE) (GOOGLE)
5	2404:6800:400... 2404:6800:4004:825::2001	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4004:823::200a	15169 (GOOGLE) (GOOGLE)
22	2600:9000:20e... 2600:9000:20e4:8a00:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:140b:a80... 2600:140b:a800::17c3:5b8a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.250.198.6 142.250.198.6	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:400a:805::2003	15169 (GOOGLE) (GOOGLE)
4 5	103.43.90.114 103.43.90.114	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.65.185.129 18.65.185.129	16509 (AMAZON-02) (AMAZON-02)
2	143.204.86.119 143.204.86.119	16509 (AMAZON-02) (AMAZON-02)
2	116.50.36.71 116.50.36.71	18046 (DONGFONG-...) (DONGFONG-TW DongFong Technology Co. Ltd.)
4	52.192.8.212 52.192.8.212	16509 (AMAZON-02) (AMAZON-02)
2	34.95.67.231 34.95.67.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	52.192.40.163 52.192.40.163	16509 (AMAZON-02) (AMAZON-02)
11	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
2 4	35.201.76.93 35.201.76.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.227.249.156 35.227.249.156	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	182.161.74.11 182.161.74.11	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
6	54.95.167.198 54.95.167.198	16509 (AMAZON-02) (AMAZON-02)
3	34.149.43.113 34.149.43.113	15169 (GOOGLE) (GOOGLE)
1	13.32.50.91 13.32.50.91	16509 (AMAZON-02) (AMAZON-02)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
1	210.59.219.34 210.59.219.34	3462 (HINET Dat...) (HINET Data Communication Business Group)
6 12	35.190.36.98 35.190.36.98	15169 (GOOGLE) (GOOGLE)
6 6	139.162.78.222 139.162.78.222	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	35.208.216.174 35.208.216.174	15169 (GOOGLE) (GOOGLE)
2	2406:2600:4::12 2406:2600:4::12	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	142.251.42.194 142.251.42.194	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
43	2a03:2880:f00... 2a03:2880:f003:101:face:b00c:0:1823	32934 (FACEBOOK) (FACEBOOK)
1	2404:6800:400... 2404:6800:4004:801::2003	15169 (GOOGLE) (GOOGLE)
1 1	34.126.167.117 34.126.167.117	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1	183.79.219.124 183.79.219.124	24572 (YAHOO-JP-...) (YAHOO-JP-AS-AP Yahoo Japan)
2 2	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 1	15.197.162.181 15.197.162.181	16509 (AMAZON-02) (AMAZON-02)
2	142.250.207.2 142.250.207.2	15169 (GOOGLE) (GOOGLE)
392	73

1 35.185.130.121 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.130.185.35.bc.googleusercontent.com

reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.149.98.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.98.149.34.bc.googleusercontent.com

storage.reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.55 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81e::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2404:6800:4004:821::2002 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com

storage.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

58 2a03:2880:f00f:104:face:b00c:0:3 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:80b::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4008:c19::9c (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:828::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.185.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-16.nrt57.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:822::2001 (Australia)

ASN15169 (GOOGLE, US)

77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:821::2004 (Australia) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.23.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.23.117.34.bc.googleusercontent.com

asset.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:961f (United States)

ASN13335 (CLOUDFLARENET, US)

img.gbyhn.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:efc2 (United States)

ASN13335 (CLOUDFLARENET, US)

mma.prnasia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.216.47.122 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 61-216-47-122.hinet-ip.hinet.net

img.racingcharger.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.24 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

creditcards.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.17.71 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 71.17.160.34.bc.googleusercontent.com

www.rayskyinvest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c4:2c00:1e:5c56:d400:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.187 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

blog.alphaloan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.74.150.191 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-150-191.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.52.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-52-51.nrt20.r.cloudfront.net

cnt.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2404:6800:4004:825::2002 (Australia)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.153.166 (Kakegawa, Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.84.133.75 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-133-75.nrt57.r.cloudfront.net

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cr-p1.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.251.42.130 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2406:2600:4::b (Japan) 2 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:826::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4004:825::2006 (Australia)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2404:6800:4004:81c::2002 (Australia)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2404:6800:4004:826::2001 (Australia)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2404:6800:4004:825::2001 (Australia)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:823::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2600:9000:20e4:8a00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:140b:a800::17c3:5b8a (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.233.84.8 (Japan) 1 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.198.6 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s58-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:400a:805::2003 (Osaka, Japan)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.43.90.114 (Singapore, Singapore) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.185.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-129.nrt57.r.cloudfront.net

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.86.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-86-119.nrt12.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)

cm.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.192.8.212 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-8-212.ap-northeast-1.compute.amazonaws.com

cm-dev-poc.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.192.40.163 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-40-163.ap-northeast-1.compute.amazonaws.com

fcm2.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
398283da-0402-4d2d-a0c2-18aee9437979.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.76.93 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.249.156 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 156.249.227.35.bc.googleusercontent.com

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.95.167.198 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.43.113 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 113.43.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ae1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.50.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-50-91.nrt57.r.cloudfront.net

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.59.219.34 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-34.hinet-ip.hinet.net

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.190.36.98 (Kansas City, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 139.162.78.222 (Tokyo, Japan) 6 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1558-222.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.216.174 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 174.216.208.35.bc.googleusercontent.com

rt.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:4::12 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.42.194 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

scontent-iad3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a03:2880:f003:101:face:b00c:0:1823 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

video-iad3-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:801::2003 (Australia)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.126.167.117 (Singapore, Singapore) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.167.126.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.12.39 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.79.219.124 (Japan)

ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP)

cksync.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.31 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.162.181 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a8590cb26bb827b98.awsglobalaccelerator.com

tracking.prismpartner.smt.docomo.ne.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.207.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
98	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 953 scontent-iad3-1.xx.fbcdn.net Failed scontent-iad3-2.xx.fbcdn.net — Cisco Umbrella Rank: 5254 video-iad3-2.xx.fbcdn.net — Cisco Umbrella Rank: 21111	3 MB
63	googlesyndication.com 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148 624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com	331 KB
46	doubleclick.net 8 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 ad.doubleclick.net — Cisco Umbrella Rank: 139 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515	514 KB
42	holmesmind.com 2 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 132288 cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 171925 fcm.holmesmind.com — Cisco Umbrella Rank: 210108 fcm2.holmesmind.com — Cisco Umbrella Rank: 154750 c.holmesmind.com — Cisco Umbrella Rank: 107592 m.holmesmind.com — Cisco Umbrella Rank: 190604 ad.holmesmind.com — Cisco Umbrella Rank: 104322	281 KB
18	appier.net 12 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 52931 gocm.c.appier.net — Cisco Umbrella Rank: 2197	4 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	353 KB
12	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	74 KB
11	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 84860 398283da-0402-4d2d-a0c2-18aee9437979.t.ssp.hinet.net	10 KB
9	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	477 KB
9	openx.net 2 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643 us-u.openx.net — Cisco Umbrella Rank: 491 jp-u.openx.net — Cisco Umbrella Rank: 15595	2 KB
8	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 424 mug.criteo.com — Cisco Umbrella Rank: 2811 bidder.criteo.com — Cisco Umbrella Rank: 776	15 KB
7	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 489 rtb0.doubleverify.com — Cisco Umbrella Rank: 754 tps.doubleverify.com — Cisco Umbrella Rank: 505 tpsc-ae1.doubleverify.com — Cisco Umbrella Rank: 15385	128 KB
7	google.com 1 redirects analytics.google.com — Cisco Umbrella Rank: 152 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	282 KB
6	reurl.cc reurl.cc — Cisco Umbrella Rank: 116978 storage.reurl.cc — Cisco Umbrella Rank: 432247	6 KB
5	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 229 secure.adnxs.com — Cisco Umbrella Rank: 478	4 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 428	104 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	90 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
4	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	57 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
3	ladsp.com 3 redirects cr-p3.ladsp.com — Cisco Umbrella Rank: 25818 cr-p1.ladsp.com — Cisco Umbrella Rank: 89534	2 KB
3	trvdp.com cnt.trvdp.com — Cisco Umbrella Rank: 38270 go.trvdp.com — Cisco Umbrella Rank: 34674 s.trvdp.com — Cisco Umbrella Rank: 30609	146 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 586	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 336	2 KB
2	lndata.com cm.lndata.com — Cisco Umbrella Rank: 161265	940 B
2	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 27502	3 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 331	717 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	13 KB
2	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133 prebid-asia.creativecdn.com — Cisco Umbrella Rank: 26644	2 KB
2	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 26283	515 B
2	re-news.tw storage.re-news.tw asset.re-news.tw	435 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	58 KB
1	docomo.ne.jp 1 redirects tracking.prismpartner.smt.docomo.ne.jp — Cisco Umbrella Rank: 110874	308 B
1	yahoo.co.jp cksync.yahoo.co.jp — Cisco Umbrella Rank: 3260	620 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 780	713 B
1	ad-score.com rt.ad-score.com — Cisco Umbrella Rank: 27242	595 B
1	scupio.com prebid.scupio.com — Cisco Umbrella Rank: 92120	2 KB
1	microad.jp 1 redirects s-cs.send.microad.jp — Cisco Umbrella Rank: 17722	525 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1450	856 B
1	alphaloan.co blog.alphaloan.co	181 KB
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3858	107 KB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 5797	248 KB
1	rayskyinvest.com www.rayskyinvest.com	612 KB
1	creditcards.com.tw creditcards.com.tw	49 KB
1	racingcharger.tw img.racingcharger.tw	307 KB
1	prnasia.com mma.prnasia.com — Cisco Umbrella Rank: 534895	18 KB
1	gbyhn.com.tw img.gbyhn.com.tw	54 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1352	5 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	92 KB
1	anymind360.com anymind360.com — Cisco Umbrella Rank: 20760	42 KB
392	54

	Domain	Requested by
52	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
43	video-iad3-2.xx.fbcdn.net	static.xx.fbcdn.net
33	pagead2.googlesyndication.com	reurl.cc 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com www.googletagservices.com ad.doubleclick.net securepubads.g.doubleclick.net 624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
25	tpc.googlesyndication.com	reurl.cc 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net ad.doubleclick.net securepubads.g.doubleclick.net 624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
22	cdn.holmesmind.com	securepubads.g.doubleclick.net cdn.holmesmind.com ad.holmesmind.com reurl.cc
18	cm.g.doubleclick.net	7 redirects google-bidout-d.openx.net googleads.g.doubleclick.net reurl.cc 624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
16	securepubads.g.doubleclick.net	1 redirects reurl.cc securepubads.g.doubleclick.net www.googletagservices.com
12	ad2.apx.appier.net	6 redirects reurl.cc
12	s0.2mdn.net	reurl.cc s0.2mdn.net 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com
12	www.facebook.com	reurl.cc static.xx.fbcdn.net connect.facebook.net
9	t.ssp.hinet.net	cdn.holmesmind.com t.ssp.hinet.net
9	www.googletagservices.com	securepubads.g.doubleclick.net 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com cdn.doubleverify.com www.googletagservices.com ad.doubleclick.net 624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
6	gocm.c.appier.net	6 redirects
6	ad.holmesmind.com	cdn.holmesmind.com reurl.cc
6	connect.facebook.net	storage.reurl.cc connect.facebook.net fcm2.holmesmind.com cdn.holmesmind.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	storage.reurl.cc	reurl.cc
4	c.holmesmind.com	2 redirects cdn.holmesmind.com
4	cm-dev-poc.holmesmind.com	cdn.holmesmind.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	ad.doubleclick.net	reurl.cc 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com www.googletagservices.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cdn.doubleverify.com	77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com cdn.doubleverify.com reurl.cc
4	googleads.g.doubleclick.net	77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com reurl.cc pagead2.googlesyndication.com
4	gum.criteo.com	2 redirects static.criteo.net
4	us-u.openx.net	1 redirects google-bidout-d.openx.net googleads.g.doubleclick.net
4	www.google.com	1 redirects reurl.cc tpc.googlesyndication.com
4	static.criteo.net	securepubads.g.doubleclick.net cdn.holmesmind.com reurl.cc
4	www.google-analytics.com	storage.reurl.cc www.google-analytics.com reurl.cc
3	scontent-iad3-2.xx.fbcdn.net	www.facebook.com
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	securepubads.g.doubleclick.net s0.2mdn.net 624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
3	77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	analytics.google.com	www.googletagmanager.com
2	www.googleadservices.com	reurl.cc
2	b1sync.zemanta.com	2 redirects
2	x.bidswitch.net	2 redirects
2	624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	398283da-0402-4d2d-a0c2-18aee9437979.t.ssp.hinet.net	cdn.holmesmind.com reurl.cc
2	bidder.criteo.com	static.criteo.net
2	mug.criteo.com	reurl.cc
2	m.holmesmind.com	cdn.holmesmind.com
2	fcm2.holmesmind.com	cdn.holmesmind.com
2	fcm.holmesmind.com	cdn.holmesmind.com
2	cm.lndata.com	cdn.holmesmind.com
2	stg.truvidplayer.com	go.trvdp.com s.trvdp.com
2	cr-p3.ladsp.com	2 redirects
2	jp-u.openx.net	google-bidout-d.openx.net
2	match.adsrvr.org	2 redirects
2	oajs.openx.net	1 redirects reurl.cc
2	www.google.co.jp	reurl.cc
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	cdn.jsdelivr.net	reurl.cc
1	tpsc-ae1.doubleverify.com	cdn.doubleverify.com
1	tracking.prismpartner.smt.docomo.ne.jp	1 redirects
1	secure.adnxs.com	1 redirects
1	cksync.yahoo.co.jp	624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
1	cr-p1.ladsp.com	1 redirects
1	um.simpli.fi	1 redirects
1	www.gstatic.com	624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	rt.ad-score.com	s.trvdp.com
1	prebid.scupio.com	cdn.holmesmind.com
1	prebid-asia.creativecdn.com	cdn.holmesmind.com
1	s.trvdp.com	go.trvdp.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	go.trvdp.com	cnt.trvdp.com
1	s-cs.send.microad.jp	1 redirects
1	tg.socdm.com	1 redirects
1	cnt.trvdp.com	securepubads.g.doubleclick.net
1	google-bidout-d.openx.net	oa.openxcdn.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	blog.alphaloan.co	reurl.cc
1	i0.wp.com	reurl.cc
1	static.wixstatic.com	reurl.cc
1	www.rayskyinvest.com	reurl.cc
1	creditcards.com.tw	reurl.cc
1	img.racingcharger.tw	reurl.cc
1	mma.prnasia.com	reurl.cc
1	img.gbyhn.com.tw	reurl.cc
1	asset.re-news.tw	reurl.cc
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	storage.re-news.tw	storage.reurl.cc
1	www.googletagmanager.com	reurl.cc
1	anymind360.com	reurl.cc
1	reurl.cc
0	scontent-iad3-1.xx.fbcdn.net Failed	www.facebook.com
392	91

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
www.comptw.com
stockinfo.tw

Subject Issuer	Validity	Valid
reurl.cc R3	`2023-11-18` - `2024-02-16`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
storage.reurl.cc GTS CA 1D4	`2023-10-14` - `2024-01-12`	3 months	crt.sh
anymind360.com R3	`2023-10-25` - `2024-01-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-17` - `2023-12-16`	3 months	crt.sh
storage.re-news.tw GTS CA 1D4	`2023-12-07` - `2024-03-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
asset.re-news.tw GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
gbyhn.com.tw GTS CA 1P5	`2023-11-20` - `2024-02-18`	3 months	crt.sh
*.prnasia.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-11-24`	a year	crt.sh
img.racingcharger.tw cPanel, Inc. Certification Authority	`2023-10-22` - `2024-01-20`	3 months	crt.sh
tls.automattic.com R3	`2023-12-08` - `2024-03-07`	3 months	crt.sh
*.rayskyinvest.com R3	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-03` - `2024-01-30`	6 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.trvdp.com Amazon RSA 2048 M01	`2023-07-26` - `2024-08-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.truvidplayer.com Amazon RSA 2048 M02	`2023-01-22` - `2024-02-20`	a year	crt.sh
*.lndata.com GeoTrust RSA CA 2018	`2022-11-23` - `2023-12-24`	a year	crt.sh
*.t.ssp.hinet.net	`2023-04-06` - `2024-04-06`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2023-09-27` - `2024-10-27`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-09-29` - `2024-09-28`	a year	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2023-11-30` - `2024-12-29`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 39 frames:

Primary Page: https://reurl.cc/gaOWLp
Frame ID: 8453CA1CF1BB1809DC5DACF8735E9F50
Requests: 53 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: 3CB563CBEB4FA564E42BD18D2FD1C59B
Requests: 32 HTTP requests in this frame

Frame: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 64294309DC2D6CA71F290DDD8BB2B28F
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 06540BD0E0FEDAF7F4B19D63D652ED60
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPRBp1R3RZXtP0kT8kbNVRf4lI7KWlaDynPlkSaq8MA0dyyGoInHMFt_Bsm4NvRrd2WnV2rssTB0v2lV-CINJzpbZAY58PqqG_nouEJJCz6lWZHaCfNEeYjeZIIK6yo1KRjTlTyFNgWSH4RkabzpfQgeGoXBAIWWESeXhPPyEIStV0EAaUNpoKF4syjzjN13OWW44eln5RZXWhGzfiv9TzOKRtc8XqUwB0CVByrLV6zVikZjXtkr3AOi6-nAwwFJDJCHn2o2oAATsz5sXeRqPudJU69dYQ4TJr4P_G5Vor3tFncKpqz6Xg1AXPqwRUf3cUnrblXFzOMZ7J1jVITJGuKrSXc3PtvEhBXzwfvC3oeywu9CvPmt_OXxI&sai=AMfl-YTeyjQ-e9ssEsCKd9_kyhlPGqSfjAUprfdJh4gSytY6bjrgRjgzGHiKKh2gdir9LjkVxRJPeNis2tpA8aWVVeY1P_FmCL4Y37nzdTYadeNL-fcw3uJxnsQApmD1iLf94LqcWBwALony1ij8UstNBWp-wwrndtvXFthmH3c&sig=Cg0ArKJSzIMwG4fIL3QmEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: B61966C1C447D41344E024FDD4D99662
Requests: 6 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Frame ID: F155349DD3492C5EB97C0D4E2F060770
Requests: 2 HTTP requests in this frame

Frame: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 996BAF5C44B642C1B1A1EC3E6A567D32
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP65dhCO55oBGPyYmoACMAE&v=APEucNW9Visguu6RA3Gy47YLiX2FEL5ezDu_MeeofdvtXy3-aO1paA2f3vP4b14WLn9OePfqux92Tqu-WcpNLTfYN23bvv0G-A
Frame ID: 2DEAD2AB61EAD9E27DDA5BB9FE3DC04F
Requests: 4 HTTP requests in this frame

Frame: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2513F1C0F086BA76E0614666714BD81E
Requests: 28 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 52DB1A2144AEB17564FD948133C7668F
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu75xun-p_ReZ8aOPyQT3t_9Pqh_65l8WKosADs62irmguThHa17rWNHvukOeAJsf3nHaqG5hRvQGaWcZ8vAY4QvJbK0IcT-9JHqcONrshF85HQ5CNbJAHfni5Ix7gapAWa3h9nrz1c9BsLSIc04HSzuPTpY47tI0Ye_itVGLDMfX2YwItMMKJruRwablQGxQ57E210o7cwgkKNIy-Tk9kbvIOGuixnXRA7Iu7ZBpxKwDcDSVdWqL2DmKNyv7sT9bQh5-6wqLgY9fWPKFsPWwXKec2Qi__NrMSW_sFo6XsZEFqIQBSVLdkisygsBPzwsceg1ARm5_n5xl5fGGH4y2zVyQu1cVhjsi4f2fa7YtdLaGA57UVvD9q8ZW5vllGO&sai=AMfl-YR4w0Y9EHcEgttx3tb70dBNtfsx8tYCFq000fhtq5aFO7XOxB1e3_Ug70sM7Dj_rcduDu_kvJ097cNHRwWDMIztTdp6TnY1ep306sBm7jMlqIgRDDQ-UGVa9Xw0TCiovEe79FD7n5RifX3sf7ggxKlVbDg7gGOCAmDJZg&sig=Cg0ArKJSzAg8yfXHh4dTEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 63C847A3E313C2CC1E85CA8E985C18E9
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswDrO8WZ_hCZi8C1pI1uPxKoieWO_ZVrn4lsi9roAS9HrF64LNsjozJZE45ZuIYfXACWDVjPM25RhsAvicEw8MA07aYN7hSB3A8J1Cp2trWPYSYz3HSW7Oc9CDarGDY5w-8LOBQd4acqzYF7cDrodNisye2MxRJ8oVk340slBBiyNJ2JHKaaUb02m7sSDmlWSgP0t_YZDf2ywD6gity2HCfKz7DQDYKnbHEZKTaV-wId2lrvfQZs8DqqHvKzwmGDicw1Uoa74Mny6h6e_TleaAl6d3mhadgi4kEMr9WdIQZDgulwCI9VLOCKtemtN-Wo2vmX9jA87orgVgQsrYjDhqTcV4YKo4elW2ftVvQWXn32a9GlpOQ3SzVVGdpKbO&sai=AMfl-YQPsUoGLCucL2ZBQsQ_3hfNCmZnLtGNvd1ymPokyxCKgRO7lAB4tIkYP9Jt9Rwuiz6MQiUIPNwIyajBeotgDoLxmqfN8Sf1uLfQ-pVk-NjL-mKyEkHocWz0QAipGGH6hfuHp3UoyLmmuvI6DfQu_FHIURMytFNMfG9BZQ&sig=Cg0ArKJSzFtMgU7NDjMLEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 6F17F5EA69927DB9BF5600CC9A70EE1A
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYhKDS6QEwAQ&v=APEucNVeWxDgX0hQUE4TSzXAmmQ0wncdDOwlw2EAzB3_q_mQzeIXfT7VEveP3abO52LGGL--WjtO2VDlXtp4mIy9ZUPuA0nvow
Frame ID: 416039EF905A8E50C6812D1F4F236B72
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B5D96906E98E96113BAD2B7DFEB3B923
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9141147538204256550/index.html?ev=01_250
Frame ID: A23CB3A42182A554205FA6FC41AF78C4
Requests: 12 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 329D72960E7E874125DB6D77865BCA9B
Requests: 11 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 50C06D8F4A5D3AB5CBD5133D688C3A0E
Requests: 15 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 283DBDC38DAFC88C962238FAFC7F2834
Requests: 7 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 51C4CD7D55DB7865144E7B6A26F0795E
Requests: 26 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 7BCE37D93FA333844554497A07B2745C
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: DD178D7A89CC3B3E371DB380A7822A84
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: E00600B5FE490359B4A6732C9EF93107
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: FC66E13071FEA4A3CC9E31F9426BE8AB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: F1D09C7A6E4AA223C3BFFE59DDEEF632
Requests: 3 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/image/23016/ccf5c33937c6404c55f8f9e56471643d.jpg
Frame ID: FA0BFEE86C7BE88B5702474D0FA2EEB5
Requests: 5 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df84c4bac08f08c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff3cf7d59573fa3c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Flittleroom9488%2Fvideos%2F892048002234656%2F&locale=en_US&sdk=joey&show_text=false&width=280
Frame ID: A5B7CC97C21ABC48C8B345AA8D4656C3
Requests: 85 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements5084.js
Frame ID: 4E33C120CA1F371881F284A358FD762C
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 008A9B809001D96A884031994D092FFD
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6E54506D623CA20068E2BD53152548AA
Requests: 3 HTTP requests in this frame

Frame: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: B9F2859C442CC63F16D6703D7BB1D07A
Requests: 1 HTTP requests in this frame

Frame: https://stg.truvidplayer.com/v5.832/prtct.php?val=f&geo=JP&timestamp=1702098744&level=0
Frame ID: 29D527154F8C66DF4794BAA4BD6BF5D9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4483E710A671558A29F4E492F4B899C7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DB9558365D22DA7801870C7E89ADE5FD
Requests: 2 HTTP requests in this frame

Frame: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 0D204F1ACC77D18EAA74F33F3B85F18A
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EADBFF56998BAD2671B415644B8C5C81
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 7D634CE6F84D127C2150EFED7B766FC9
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: E81BFBCA18C7AD071E43EB63DCD378CF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D31A4E13BDCBE093D4F84CF3C320C460
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4D1566247448F0340DD1D818F4CF5E45
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

縮短網址產生器 - reurl

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

392
Requests

90 %
HTTPS

37 %
IPv6

54
Domains

91
Subdomains

73
IPs

5
Countries

7779 kB
Transfer

20611 kB
Size

62
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://re-news.tw/
Title: 離開此頁

Search URL Search Domain Scan URL

URL: https://re-news.tw/renews/155

Search URL Search Domain Scan URL

URL: https://re-news.tw/gbyhn/53267

Search URL Search Domain Scan URL

URL: https://re-news.tw/prnasia/4288952_XG88952_2

Search URL Search Domain Scan URL

URL: https://re-news.tw/racingcharger/45287

Search URL Search Domain Scan URL

URL: https://re-news.tw/creditcard/604

Search URL Search Domain Scan URL

URL: https://re-news.tw/rayskyinvest/111057

Search URL Search Domain Scan URL

URL: https://re-news.tw/zocha/6529021929c8b98fa9eb5390

Search URL Search Domain Scan URL

URL: https://re-news.tw/golike/21512

Search URL Search Domain Scan URL

URL: https://re-news.tw/alphaloan/20451

Search URL Search Domain Scan URL

URL: https://youtils.cc/emoji
Title: 表情符號(emoji)

Search URL Search Domain Scan URL

URL: https://youtils.cc/geoip
Title: IP查詢

Search URL Search Domain Scan URL

URL: https://youtils.cc/big5gb
Title: 繁簡轉換

Search URL Search Domain Scan URL

URL: https://youtils.cc/qrcode
Title: QRCode

Search URL Search Domain Scan URL

URL: https://youtils.cc/length
Title: 身高/長度換算

Search URL Search Domain Scan URL

URL: https://www.comptw.com/
Title: 台灣公司查詢網

Search URL Search Domain Scan URL

URL: https://stockinfo.tw/
Title: 台股資訊網

Search URL Search Domain Scan URL

URL: https://youtils.cc/wordcounter/zh-Hants
Title: 字數統計

Search URL Search Domain Scan URL

URL: https://youtils.cc/dateCalculator
Title: 日期計算機

Search URL Search Domain Scan URL

URL: https://youtils.cc/lunarCalendar
Title: 農曆轉國曆

Search URL Search Domain Scan URL

URL: https://youtils.cc/utm
Title: UTM網址

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1

Request Chain 80

https://match.adsrvr.org/track/cmf/openx?oxid=9bd42dc9-074d-74ac-ef86-149070eb84dd&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=9bd42dc9-074d-74ac-ef86-149070eb84dd&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ba69f9a0-ab33-4062-b479-9cf32f659ae0&ttd_puid=9bd42dc9-074d-74ac-ef86-149070eb84dd&gdpr=0&gdpr_consent=

Request Chain 81

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXP3NsCo8X8AAE6EtgQAAAAA

Request Chain 82

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AVoX5UzWzK04ks8AEDmpj8xGsc8AAAGMTP2rhQ

Request Chain 84

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEwq9ZiDYjWGIP8oahuNWa4&google_cver=1

Request Chain 121

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEwu-qqv3ggobs8IhvOZ418&google_cver=1

Request Chain 123

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXP3NlXlaR55gr7Hr9bIXAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEwu-qqv3ggobs8IhvOZ418&google_cver=1

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELtCo0WZIob1z1t8fOhahRs&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELtCo0WZIob1z1t8fOhahRs%26google_cver%3D1

Request Chain 130

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzNjQ0NTM5MDM4OTE4Mzg2Mw%3D%3D

Request Chain 131

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEwq9ZiDYjWGIP8oahuNWa4&google_cver=1

Request Chain 132

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjdiYmZlMDMtY2UzYS0yYTA4LWZhNjYtNGUyOWJhMDk0YWJk

Request Chain 133

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 161

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESELNFRenMrD7IpGk4Ed5zPO0&google_cver=1

Request Chain 163

https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=vj2mB3xMTXhKTURMZUpxRlNCTG4ybThlUTlDcFJ3TmdNZ2lmNkFPZmZoUTBVS0p0dnBsRDVLS0RtRUdza0VpeHAyc0UxejdsVVV1djlGTXdMaWFTQVJ0RDRGQkpkU1dpdFpQMUVUZEw0cE9HU1JDSlNXc3V3OEdpVXE1eWx0R0djQ3dqVmpmNzgzbS9LRHRzZ2JSQk9NWHZSZ241OUZLS3FoRmM5N2N5U1diTkNFS0VVK0s0ZU5nQUNtNm1RbzNncXVNN1JUYTdrcGpwbU5ZNnVBK0ZMdzFNZW5EZzhiZ0hwcC9SN1VTUXBDSGEybGxtQ0dINUJiN0tXVmVHc0VFd1NUcFRJQmNFWktNYjBocDRLQ2d2MjFEWEF6QT09fA&cppv=2

Request Chain 166

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESELNFRenMrD7IpGk4Ed5zPO0&google_cver=1

Request Chain 205

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=sd7ZmhTjA0OkoScyN_dzZQ

Request Chain 206

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=ka1gIUdSA2yohF6dN_dzZQ

Request Chain 207

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=5AUmHs2PCt6-lfBKN_dzZQ

Request Chain 208

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=vlHLC-yhB2mz4gmEN_dzZQ

Request Chain 209

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=ddLKtWelDZKTOeiuN_dzZQ

Request Chain 210

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=1cRitdzJADmTaJm6N_dzZQ

Request Chain 304

https://um.simpli.fi/gp_match?google_gid=CAESEKZk73qYgOPI7E7n9FyEbms&google_cver=1&google_push=AXcoOmRDqNrwhiVaXXvzKxFzSJ7ucPthNoSULMmqR2MiKq4dutS_aY3MSq8pxj-bzdQGluZrvYCQnpGDgI_M7ThB110INgSvb9iS HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=453887C6263246F8A04FABD00A86BFAC&google_push=AXcoOmRDqNrwhiVaXXvzKxFzSJ7ucPthNoSULMmqR2MiKq4dutS_aY3MSq8pxj-bzdQGluZrvYCQnpGDgI_M7ThB110INgSvb9iS

Request Chain 305

https://cr-p1.ladsp.com/cookiesender/1?google_push=AXcoOmSR_MUairpQ6Ci0FlpAOuoSYClu_7RqIq892oo7TfUI2MEbhmFxRdICISnA4hGf2ra7V4hGnxBB9zDqoqr2OFIkZMy1tuM&google_gid=CAESEAQfmwiDFH4g1rTPBR0Blj8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmSR_MUairpQ6Ci0FlpAOuoSYClu_7RqIq892oo7TfUI2MEbhmFxRdICISnA4hGf2ra7V4hGnxBB9zDqoqr2OFIkZMy1tuM&google_hm=Aflb8WCWjbdwks8AEDmpj8xGscA

Request Chain 306

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEMHjLrIEZmQmI6z69Xx0lrY&google_cver=1&google_push=AXcoOmSpXMNjLUYNVqjDHmL5HYHknk5kLy3r5y2npxX4ItQ-sGbfOVjBjNdiBC9IjDZvrt8c37XX-0JGfG5qmpBY803JzWVUpgZR HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEMHjLrIEZmQmI6z69Xx0lrY&google_cver=1&google_push=AXcoOmSpXMNjLUYNVqjDHmL5HYHknk5kLy3r5y2npxX4ItQ-sGbfOVjBjNdiBC9IjDZvrt8c37XX-0JGfG5qmpBY803JzWVUpgZR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmSpXMNjLUYNVqjDHmL5HYHknk5kLy3r5y2npxX4ItQ-sGbfOVjBjNdiBC9IjDZvrt8c37XX-0JGfG5qmpBY803JzWVUpgZR&google_hm=RQ5nbH3wQ9uiZustAzCYNg==

Request Chain 308

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESED53bQ-BOE0Anahp6OfWJJs&google_cver=1&google_push=AXcoOmTioEKq7uSH9LoTwEvqI139U_xs1leGhy-GpxiOFa6PBlazZqRaEQ6cdF3ISDF5VGJQmh_ipkEowIeyV13iPiV8gz9haMujNg HTTP 302
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESED53bQ-BOE0Anahp6OfWJJs&google_push=AXcoOmTioEKq7uSH9LoTwEvqI139U_xs1leGhy-GpxiOFa6PBlazZqRaEQ6cdF3ISDF5VGJQmh_ipkEowIeyV13iPiV8gz9haMujNg&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmTioEKq7uSH9LoTwEvqI139U_xs1leGhy-GpxiOFa6PBlazZqRaEQ6cdF3ISDF5VGJQmh_ipkEowIeyV13iPiV8gz9haMujNg&google_hm=SXB0ZU0tWFN4MjNObTJJeU9BSFk=

Request Chain 309

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEIRWgHVMCdZEimOzF9klsHo&google_cver=1&google_push=AXcoOmSi7392JBlCbkYNl2oXmHj__SrCXvk_9Br3lPGernhfiqyLV7G6ulVTkSy_pVtSagaEbaj_V2E77jFFu5nC3iJB1t9_PPzHyw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjUzNjQ0NTM5MDM4OTE4Mzg2Mw%3D%3D&google_gid=CAESEIRWgHVMCdZEimOzF9klsHo&google_cver=1&google_push=AXcoOmSi7392JBlCbkYNl2oXmHj__SrCXvk_9Br3lPGernhfiqyLV7G6ulVTkSy_pVtSagaEbaj_V2E77jFFu5nC3iJB1t9_PPzHyw

Request Chain 310

https://tracking.prismpartner.smt.docomo.ne.jp/sync/adx?google_gid=CAESEBBjyBsLsRM3Dj1kv44AqNg&google_cver=1&google_push=AXcoOmS_V2FtYGBpg9JC3ExM4z1rhjHbdv-WvFiffg5m10JAgGg-IK18KYPo0UfvfP9QzAsClKuMIFXIuvb73IRp1ljk4tn8YJTK HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=prism_partnerinc&google_hm=WahpiSwXT4ucYP6A34HY2A&google_push=AXcoOmS_V2FtYGBpg9JC3ExM4z1rhjHbdv-WvFiffg5m10JAgGg-IK18KYPo0UfvfP9QzAsClKuMIFXIuvb73IRp1ljk4tn8YJTK

Request Chain 314

https://securepubads.g.doubleclick.net/pagead/adview?ai=Cg_24N_dzZePZO92Yid4Pgu2toAnh6KzIdMbE-uf0EWQQASDSzIEaYInzxYT0E6ABvNymmCjIAQmpAgTpx1W3oT0-4AIAqAMByAPLBKoEsgJP0GDmfbiGpay1YjPJ7bsBGIVMfqLc-Sd68Fxc3f55hNY26Lh64ockoFckPGgBeNXwJUNJn6r30JHXDts_SVXeFK7t_FHKqPR8sM0ui09xRE3yN2H5EWE4USPPH15iamtfwqqzg0CNwszsIobRYqm9QsezPBWc53GHlbStAzSa-KZZkl8zPJAafvF9gAVbg2c4rJcgGdskFLV-AU1rvGh8Fc4O3WpojGvk6W61dI-QsfWCWavykd45W-mcg87OOCYIvLhjAaQvI9OWMLCaklHTRFeVUUZMMOXY0LgjBEm2-6NniEMcPpZm_pKVLCvmOz3WTTIFg4eFM0eaBzNhGvAH6HdDwADQQNDwHCAkUDEoAjQ6zfJn5Q63vPXAnj761OY1r5eCzEXPRGJbQrQ49vX50X_ABKzmzIPDBOAEAYgFn6Tt00ySBQQIBBgBkgUECAUYBKAGLoAHvJT39wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCMlwTSCB0IgGEQARgdMgKKAjoCgEBIvf3BOljFrob4y4GDA5oJXWh0dHBzOi8vd3d3Lml0b3lva2Fkby5jby5qcC83dGhlcHJpY2UvP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jb250ZW50PTd0aGVwcmljZYAKA8gLAZgM5Ln81twEogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2gwQCgoQkN_OsOW6nYAMEgIBA-INEwjj1ob4y4GDAxVdTMIFHYJ2C5S4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=qc2CZmUG5tE&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNxjGvv9qttXzkAq_lBfyAf3QE1CdFvn3yL0kTwA2OQijwxSf857k2GjoaFvgc73zZQWpksYMtGAE&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3af5ce0dc9132dd00000000000000000%22,%222%22:%220xa23ad81048d224270000000000000000%22,%223%22:%220x4ff62c57ec79b0d30000000000000000%22,%224%22:%220x61c6fd538bfd96ad0000000000000000%22,%225%22:%220xc1f1cdf5365790a80000000000000000%22},%22debug_key%22:%226041664584211812415%22,%22debug_reporting%22:true,%22destination%22:%22https://itoyokado.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210788384316%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218356160233889603473%22}&andc=true

Request Chain 377

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=1pBJzl96Rm5Zako2b1F4R0F1JTJGWHBGdjBISEUlMkJPcThEU2x6NVFGWTltYWhoZUpORkZSamo3Q0RLR1J2JTJCcVdxT0VEaSUyRncyUldVcyUyQnhDeG51T0F3aEhydm9nU21yampvTzJMaTZCSGMlMkZVTkczb3ViRlh6QW1XZlJCeFlFWHhGTERqY1N1TkpseEtjdFJqcEZrZ0VDYnRDcEwzZGclM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=Wa82lHxzQ0d5OWhyNEpDZERFN0VRNkd5VnY4SUJJQWpHWVJaTHFKaXBNNjR4YnBtUVdHVHpOR1BYNmdoV2M1OGMvWXNXSkpoMFJsemlVOFk4K1ozcmJoeTNzaWl0VUNzK1h3NXYwR0ZwTHdUUnY3cDZGUHlIRG1DNUw4ODUxUE5UVkliY1VBNWVUNFlrcGx1eDJ1UThWM0pmTmFna2NQdVZ5Y3BqSHl1d21Dd1FGUEdoaTltZnloQjlZdkJyUU1DVHZwRG9lNjNSdVJESE5vUGF0SDZNNWZtQ0VoL0dyOWtvcXJ3U0VjVkhCVFpMOHlDL1lJcUpNVUcxMFJ0bi84bm5jdjg3QTR5RVRjSytmM3pGTTYraXp2eFRIaXhEVFErT1I5Z01XS2F6dm5qMXVjOD18&cppv=2

392 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request gaOWLp Show response
reurl.cc/ 10 KB
3 KB 258ms
53ms Document
text/html 35.185.130.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: da8cb2bc6469722e3de0af111c2b7b8b504c2c39257385a5b3e3f843f409da23

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 09 Dec 2023 05:12:20 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx/1.18.0 (Ubuntu)
target: https://cla2.cn/SpY
vary: Accept-Encoding Origin
x-request-id: 93550e89-ffb4-4bc2-9c72-8d2ff31ed95b

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 152 KB
26 KB 33ms
2ms Stylesheet
text/css 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 09 Dec 2023 05:12:21 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3885107
x-jsd-version: 4.3.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25648
x-served-by: cache-fra-eddf8230028-FRA, cache-nrt-rjtf7700056-NRT
x-jsd-version-type: version
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style.css
storage.reurl.cc/stylesheets/rwd/ 2 KB
1 KB 112ms
4ms Stylesheet
text/css 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/stylesheets/rwd/style.css?v=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 23:21:04 GMT
content-encoding: gzip
via: 1.1 google
age: 21077
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 904
x-request-id: fc8feb72-8536-48a6-8028-d83a4a364c4a
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 ats.js Show response
anymind360.com/js/9479/ 177 KB
42 KB 24ms
3ms Script
application/javascript 151.101.65.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/9479/ats.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.55 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

226d20c2725e876a96edabbbad4ca3709478995aac12ff27b7efff45d73d96c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

expires: Thu, 07 Dec 2023 14:06:43 GMT
date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 140738
x-guploader-uploadid: ABPtcPpQsXg9lzBT5aOpD9grjhC9iLm1TjYzCzHH0J6yIKiAdthURi_Ywm4EYN5AKr8iJmMJsYiCRVITHA
x-cache: HIT, HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 42279
x-served-by: cache-tyo11954-TYO, cache-nrt-rjtf7700027-NRT
last-modified: Mon, 20 Nov 2023 09:15:25 GMT
server: UploadServer
x-timer: S1702098741.065354,VS0,VE0
etag: "dc1bad45759bbb89536459f2c34eaa21"
vary: Accept-Encoding
x-goog-generation: 1700471725490318
x-goog-hash: crc32c=3IRkSQ==, md5=3ButRXWbu4lTZFnyw06qIQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=1200
x-goog-stored-content-length: 42279
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-cache-hits: 1112, 25

GET
H2 200 pixel.js Show response
storage.reurl.cc/javascripts/ 429 B
524 B 4ms
3ms Script
text/javascript 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/pixel.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:13:28 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 25133
vary: Origin
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 429
x-request-id: 6f6197c9-1013-4bef-ad73-69af48af7a84

GET
H3 200 ga2.js Show response
storage.reurl.cc/javascripts/ 536 B
559 B 6ms
5ms Script
text/javascript 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/ga2.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 01:24:20 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 13681
vary: Origin
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 536
x-request-id: 0300c24c-ec56-44a3-8d76-8eeb2f4e858d

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
92 KB 85ms
44ms Script
application/javascript 2404:6800:4004:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5e0b529be7af42b2e5c1b45bd28bfb3654e52320a61f1718ba38ba22265ed551

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93886
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 09 Dec 2023 05:12:21 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 92 KB
30 KB 132ms
91ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b275a0c7a4d0eb698c158d664d03fe21c34fa3f36af5ed6337fe7da98a8e8a83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30283
x-xss-protection: 0
server: cafe
etag: 834 / 19700 / m202312040101 / config-hash: 18041799505519846586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 05:12:21 GMT

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 84 KB
33 KB 33ms
4ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 09 Dec 2023 05:12:21 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6408120
x-jsd-version: 2.5.16
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33184
x-served-by: cache-fra-eddf8230020-FRA, cache-nrt-rjtf7700056-NRT
x-jsd-version-type: version
etag: W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 renews.js Show response
storage.reurl.cc/javascripts/ 412 B
749 B 109ms
3ms Script
text/javascript 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/renews.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:32:17 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 2404
vary: Origin
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 412
x-request-id: 3abe074f-f7b9-4f7b-a309-7a2b3acdfb57

GET
H2 200 loading.js Show response
storage.reurl.cc/javascripts/ 134 B
229 B 110ms
4ms Script
text/javascript 34.149.98.30
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/loading.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 23:35:46 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 20195
vary: Origin
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134
x-request-id: e2d0472f-037e-422a-9919-3ab48de56c7c

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 3CB5 95 KB
26 KB 265ms
164ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f5157592996000cf9a85a4ad2dc89567e41b996719035e766c1a7d9698fc1bdf

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 05:12:21 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: tNiCSt5vklGc5MQ2g6UF4G0dUXMiGAwufIjI9pN5dUAQ4/it9q27z7fY1RqZgScwl0LA8J6uE9Sejkt5i8a6fw==
x-xss-protection: 0

GET
H2 200 feeds Show response
storage.re-news.tw/ 7 KB
7 KB 318ms
44ms XHR
text/html 35.244.196.223
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.re-news.tw/feeds
Requested by: Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 223.196.244.35.bc.googleusercontent.com
Software: / Express
Resource Hash: a1d556d896be458387c94aad51e8db8d09b622547b721de82ea235b192aecee4

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"1c7c-U0eXmiGglUyzEg1Rr7DDhQw4fKw"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7292

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 98ms
4ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Dec 2023 05:12:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: hKuaUoql6rGy6WusbamSx+l3CwS3GI85sh3p4P/JALjR6BSHySB5CqAsF3rZ9sbsdXX0b1Gtobc+CGJ8yIKUZw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 47ms
3ms Script
text/javascript 2404:6800:4004:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 04:28:58 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2603
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 09 Dec 2023 06:28:58 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
142 B 42ms
41ms XHR
text/plain 2404:6800:4004:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=669929596&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2085653187&gjid=1846043755&cid=778870899.1702098741&tid=UA-102456694-1&_gid=936829273.1702098741&_r=1&_slc=1&z=1565846392

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 2ms
2ms Image
image/gif 2404:6800:4004:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=669929596&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MzEuMjA0LjE0NS4xNjc&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=778870899.1702098741&tid=UA-102456694-1&_gid=936829273.1702098741&z=1801398952

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 21:39:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 27154
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1675200226052423 Show response
connect.facebook.net/signals/config/ 126 KB
33 KB 4ms
4ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1675200226052423?v=2.9.138&r=stable&domain=reurl.cc

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

096f85ac6d28eb274e8f6bcffc83c4d3baf2041bd4befd0adea68c566b20c57b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Dec 2023 05:12:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 33827
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 2L4zrrGOSce83LbMsVGjJGstv2Fim11lksgYK6jcZ4ch28F16yVF1WM6ABEouUcmS+FxMUkYD/G5P3mt22V/YA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
249 B 86ms
39ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702098741161&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=778870899.1702098741&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702098741&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=page_view&_fv=1&_ss=1&_ee=1&tfd=572
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 138ms
46ms Ping
text/plain 2404:6800:4008:c19::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=778870899.1702098741&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c19::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
408 B 90ms
47ms Image
image/gif 2404:6800:4004:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N394QBRGC0&cid=778870899.1702098741&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1&z=2046590623

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ 432 KB
135 KB 2ms
2ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:30:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2497
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138293
x-xss-protection: 0
server: cafe
etag: 11350998454379829730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 08 Dec 2024 04:30:44 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
347 B 122ms
46ms XHR
text/plain 2404:6800:4008:c19::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102456694-1&cid=778870899.1702098741&jid=2085653187&gjid=1846043755&_gid=936829273.1702098741&_u=IEBAAEAAAAAAACAAI~&z=2098970590

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c19::9c Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 09 Dec 2023 05:12:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 3ms
3ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1702098741373&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1702098741370.261069306&cs_est=true&pm=1&hrl=7a1c4f&ler=empty&it=1702098741308&coo=false&cs_cc=1&rqm=GET

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 09 Dec 2023 05:12:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 463ms
174ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-aa2f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Dec 2023 05:12:21 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 36ms
13ms Script
application/javascript 172.64.152.89
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 20:31:13 GMT
server: cloudflare
age: 34006
etag: W/"65401291-2b7d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 832ac0ae0bbae07e-NRT
expires: Tue, 12 Dec 2023 05:12:21 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 24ms
2ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 02:36:08 GMT
content-encoding: gzip
age: 268573
x-guploader-uploadid: ABPtcPrzhqbhZjv7bM7br6pJ3NIIBiH5qc7wUBgq3yOYccE07JrMSAq2kZcEsqZhQF1n9T1NUiO83Jney5Y5WBSegqoRWA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 05 Dec 2024 02:36:08 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 251ms
231ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 55df0a2fc2544b6307d6762c0be6f150
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 93ms
3ms Script
text/javascript 18.65.185.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.185.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-185-16.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 18:44:42 GMT
content-encoding: gzip
via: 1.1 d947c63dfd9d1ccbe9f338254272c65e.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P2
age: 37660
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: KCpJHX14L45YU8cuTlHqSPNfCyOZf8EAChrgXlDjBgceoiqX-6OFRw==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 259 KB
74 KB 505ms
505ms Fetch
text/plain 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3978633045622365&correlator=4120340530578367&eid=31080080%2C44807746%2C31079527&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847%2C13848%2C13856%2C14210%2C14209&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%2C300x250%2C1x1%7C320x50%7C300x100%7C320x100&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702098741416&lmt=1702098741&adxs=245%2C1005%2C245%2C625%2C245&adys=505%2C108%2C108%2C108%2C358&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=1140x90%7C380x250%7C380x250%7C380x250%7C1140x50&msz=1110x90%7C350x250%7C350x250%7C350x250%7C1110x50&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&ga_vid=778870899.1702098741&ga_sid=1702098741&ga_hid=669929596&ga_fc=true&dlt=1702098741037&idt=349&cust_params=url%3D%252FgaOWLp%26ref%3Dnull&adks=81851380%2C1451399479%2C827794272%2C3242553145%2C3271617715&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

756acb6e4a956ef537c08241bb3b72d28f86c1e8a45c99e9753f3376b1b65e11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75727
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,6297900949,6297899953
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,138432357881,138432362607
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 371ms
370ms Fetch
text/plain 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3978633045622365&correlator=4120340530578367&eid=31080080%2C44807746%2C31079527&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fifs&iu_parts=21787810958%2CTW_reurl.cc_res_all_truvid_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702098741425&lmt=1702098741&adxs=1353&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=195x-1&msz=195x-1&fws=512&ohw=0&ga_vid=778870899.1702098741&ga_sid=1702098741&ga_hid=669929596&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYptH258QxSABSAghkEhsKDDMzYWNyb3NzLmNvbRim0fbnxDFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YptH258QxSABSAghkEhcKCHJ0YmhvdXNlGKbR9ufEMUgAUgIIZBIUCgVvcGVueBim0fbnxDFIAFICCGQ.&dlt=1702098741037&idt=349&cust_params=url%3D%252FgaOWLp%26ref%3Dnull&adks=3261691140&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4433f0560fb0eb4af4f66ae8d75492d47a522e166ae13a787a5bc42b2698d733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12602
x-xss-protection: 0
google-lineitem-id: 6263003938
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138428653768
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6429 6 KB
3 KB 124ms
42ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 05:12:21 GMT
expires: Sun, 08 Dec 2024 05:12:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/ Frame 3CB5 20 KB
5 KB 17ms
7ms Stylesheet
text/css 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eb0110be59431fd3c8942faca7ee241aef70ddc66cc3316b645cc8ae6ca2b70a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QZ/F21WCMvVioyUwMJMxZA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5281
reporting-endpoints
x-fb-debug: qfPpHs6nqMNSOXyH7qybsBCahNWVEEorv4r3CvCYGA0Jfr4PCcPtt1r1nJnBB1zVVTnJxYQPoDm1Kxz9tPZjZg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Mon, 02 Dec 2024 06:01:40 GMT

GET
H2 200 V-GL57iHfEB.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/ Frame 3CB5 33 KB
7 KB 21ms
12ms Stylesheet
text/css 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e68718c41ef1c23f1640623633d26706d9cc4cf198c72be002c8594f9f9efcac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mEms5HNO4RW/YAm2lY0J/Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6478
reporting-endpoints
x-fb-debug: E4nAuaV1SCyhiPFXj6qzduxQ8g9S78gVarQEck7u+1q7wEF1UuMmMsqgglzbh7AhR6YCxwy6ZHIf7PQXw3a9oQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 29 Nov 2024 00:22:25 GMT

GET
H2 200 L9vxdWjqRLv.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,ja_JP/ Frame 3CB5 21 KB
6 KB 15ms
6ms Stylesheet
text/css 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,ja_JP/L9vxdWjqRLv.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

94d523edd701a50db76faf479f4e32f007cbd97ade5339313f1e5a1ef5b35a85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: YxGy9ULmNYpse9KBe8qMZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4833
reporting-endpoints
x-fb-debug: slIKIUQg6Q+s8Zq4URqX7fxy5YXu0EiGE3dgNeuLJXCvaoLpIwIlWhEw/A7IKeB7iQk0eEgvx94XZ9xWmTxiUw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 29 Nov 2024 16:54:26 GMT

GET
H2 200 JS2LsxE-gw3.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 3CB5 354 KB
92 KB 22ms
13ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fd66f83ea75a1ccdd4953552363bc37a9cf055220f8d89a23ec8564c8d2ed2fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Veg+9swSo/ybchlTfP+avA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93749
reporting-endpoints
x-fb-debug: zn/I2ZckP8Ozbhs31jzZbKLd7wi99zkNBQVfTUtJ5nl6B0W4/hZBo03YU0DY0Du894WEGDQOzzBjolGByQASjg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 08 Dec 2024 01:07:24 GMT

GET
H2 200 YJcyY7izLGB.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 3CB5 94 KB
27 KB 23ms
13ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/YJcyY7izLGB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qj5bFqqBeNQLu7uSNkxJ/A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27471
reporting-endpoints
x-fb-debug: 1fzFmoi+pphG5TCQV7m3z97XpIwQgaC5X7N/AYju5SbEgaC/9OT+amolgt7g2tUC2b6AN9lD7IDYJpkF8lPQRQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:15:45 GMT

GET
H2 200 tbb6w30TkDN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 3CB5 7 KB
2 KB 15ms
6ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/tbb6w30TkDN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HCL+u+2LMSrM7ELnarU2bQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2226
reporting-endpoints
x-fb-debug: cBAMnlkcODmUiQw2iSKvWJs8Fz3hV6m5wrHIcFT0ktesrQMcqel4YbFsMBheVbp2jmQwtaqzo+eoEuuvO3JCKw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 29 Nov 2024 02:49:04 GMT

GET
H2 200 5iH8lLqlxlJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 3CB5 52 KB
17 KB 20ms
11ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/5iH8lLqlxlJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c5d4bd00c93f687b2f1c47656a5dcee22ff87ae4dc205dd7d982d1082532cc29

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /PUjyDQo/qxByU6XD7sEBw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16835
reporting-endpoints
x-fb-debug: yO1bGl8+n2Otbm/q0fCR/8QIrOIeDOSXL7UZV0kAl/j7KSxIsLuT9ELe/N/a284dMeUU8Pu8CQWWCRc9UESd6Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 07 Dec 2024 00:37:42 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 3CB5 507 B
536 B 15ms
6ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: m6IjFNUsvGV+C9CYuajPb2siXBgXs9tIgYLKB3O9XWWrcDLPCQ/2diD4YPFcUvhurmy9tyS48FNeo9Z+IDBgsg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 17:06:42 GMT

GET
H2 200 kUrCp987F5r.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLxq4/yd/l/ja_JP/ Frame 3CB5 28 KB
8 KB 15ms
6ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLxq4/yd/l/ja_JP/kUrCp987F5r.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3a7a68e832e09c668589e2bab6e3bc69348c21fdd4be0b940446e8d3b0948a6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cO3XBqtxUlL4qpnQkU3adQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7937
reporting-endpoints
x-fb-debug: 7a5CWQAAF4kqYeJ6/vPvZ6+7nwMarKPrI2julV5G/YkC58J3yTj6fBzWiPI2sK9h0AwCiNRqw0kAOcj1lz98/Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 07 Dec 2024 19:59:12 GMT

GET
H2 200 KudK-WKp3ZH.js Show response
static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/ Frame 3CB5 71 KB
20 KB 15ms
7ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4372a9b8ce26d68f5c9a53975683bc05d3df25cf5a2e0177569f58258b6be160

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: phAMyoOpvbhoet00DvMWkg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20298
reporting-endpoints
x-fb-debug: yZbpd2o3fLhROIOH8hoZTPnoBRnqlnprzxR1yPsqrxMxmfLQz8w7EpICezXygPjWMN863icGZTYVe6boFbT9uA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 30 Nov 2024 23:17:53 GMT

GET
H2 200 a5lyNsAxenJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3iUOk4/y9/l/ja_JP/ Frame 3CB5 348 KB
82 KB 18ms
10ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iUOk4/y9/l/ja_JP/a5lyNsAxenJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ebacafc72baccb35d633c8959c37a3b14cd64c35a94355761f5e84af4e24323

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 0Ycn4CdUMcQu52zpN8q4Lw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 83382
reporting-endpoints
x-fb-debug: scIeYd+NKocNAbRDRdbCk7Rahar0ojrgiqnqiZMqwz4Cs/M2kCOXWw9hl2o8YzsfIZMUEHJJQuWebS75YCdBRg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 07 Dec 2024 20:01:42 GMT

GET
H2 200 TioQWlTZ3BG.js Show response
static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/ Frame 3CB5 397 KB
94 KB 22ms
14ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/TioQWlTZ3BG.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f2415a5fbb844b1c2fdf48ce0bb9dfa2694a153695ca753dc5f84170b334041b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: aC8cw5hP/LLy3Ed3OJp1xQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 95634
reporting-endpoints
x-fb-debug: fGGS1ELDGTo+CxJ9Zde2GLyvzwhqVyCy7/I9ULUf7et1Of95ntdiVVHuqJwfy28wlAhGEKOBfJHDSBdNiM3l/Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:24:03 GMT

GET
H2 200 qb2Dj7XLRaI.js Show response
static.xx.fbcdn.net/rsrc.php/v3iB1C4/yR/l/ja_JP/ Frame 3CB5 57 KB
18 KB 14ms
7ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iB1C4/yR/l/ja_JP/qb2Dj7XLRaI.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2af9dcd5f220b6aaa7fb46c21e3a9833abce8a1d7953c0591013081dd73c6e57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4Adm+FXxkwDjHgLJ9sF/4A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17829
reporting-endpoints
x-fb-debug: aHu/491AmnYv9z/kZe0Bx2rG0Kwe84eAm8dH9n2eH9JIXeHm0NGEC70Cq4WJolEjd4RRFfb4B4KBs4mMU6MKDA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 01 Dec 2024 16:13:51 GMT

GET
H2 200 8ymKMCefWgD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yX/r/ Frame 3CB5 209 KB
60 KB 21ms
14ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/8ymKMCefWgD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d353b1355c456941a6195bf480abb7c6092cfd0213313f56168f2315b43d40e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 30iKdJ7w93p6Ga9jpgjUMg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 60955
reporting-endpoints
x-fb-debug: 7I7U8ZS6XjsTebaoS/bc8hNp1kh4eVlmBa5p71nbXzj0WJ8cqMxNGE0lWC7bauS04lrLnNTjmK6QfR/9AWrEgg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 07 Dec 2024 23:31:06 GMT

GET
H2 200 EjdAug5mQIB.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 3CB5 28 KB
7 KB 18ms
11ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/EjdAug5mQIB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dce3a7d75903f3a00ff7b72c2b3f3e34c786c0867a1398caa5212977e721d1b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QpoZNtNrb1RRm+1fPhnrPA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7378
reporting-endpoints
x-fb-debug: L4JahRMi2bae+nKl9dgbStpnKWcBKSUdhGOP/WUpIMZZ9xLN3qhSE/bDsRbXcXeQLZOu0BLGlTfvz6nCdJp8vg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 18:55:42 GMT

GET
H2 200 HzxD9aAXSyD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 3CB5 55 KB
15 KB 18ms
11ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oRcNmPqvdkv3ysBSBC5rSQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15157
reporting-endpoints
x-fb-debug: /1yCn+CJ/pf+p2y7SaFESYsOkr1Xiyn8gBNemtcPx93md4PaIRrhNlAlAQGSGqi/FLk6VEEhRB4UDcj8x20FLw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 29 Nov 2024 17:43:58 GMT

GET 325141786_6140032619364934_7377705774471631398_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/ Frame 3CB5 0
0

GET 305964663_450890893727816_1742559653774706626_n.jpg
scontent-iad3-1.xx.fbcdn.net/v/t39.30808-1/ Frame 3CB5 0
0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1

85 B
192 B

151ms
150ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 1b3c4645469b30443626b0683603b69d4231b2eb96719083a861bd968b7c4bc1

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-0sWpgYmSse0BmBs6pVUVeewQd3s"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sat, 09 Dec 2023 05:12:21 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://reurl.cc
location: /esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 89ms
44ms Image
image/gif 2404:6800:4004:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=778870899.1702098741&jid=2085653187&_u=IEBAAEAAAAAAACAAI~&z=1024255580

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
107 B 45ms
44ms Image
image/gif 2404:6800:4004:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=778870899.1702098741&jid=2085653187&_u=IEBAAEAAAAAAACAAI~&z=1024255580

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:828::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mocpogo_01.jpg
asset.re-news.tw/images/ 427 KB
428 KB 336ms
5ms Image
image/jpeg 34.117.23.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asset.re-news.tw/images/mocpogo_01.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.23.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.23.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 675c68ec272e15adac541942a16ddfa45419f6f959147e4728a4e26c512520ad

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:18:10 GMT
via: 1.1 google
age: 3251
x-guploader-uploadid: ABPtcPpmw1I33RTaMoc2gYNP_dTbWB3NJaLDWwb8S1oUoX-h9Mr402FtqvfvddsDldCegWffbRnvATJ8V0weVXlR2MKYfw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 437364
last-modified: Wed, 18 Oct 2023 12:58:27 GMT
server: UploadServer
etag: "2336bdf757022c5d87b79cbbbcd1b477"
x-goog-generation: 1697633907721269
x-goog-hash: crc32c=dvOsJw==, md5=Iza991cCLF2Ht5y7vNG0dw==
content-type: image/jpeg
cache-control: public,max-age=3600
x-goog-stored-content-length: 437364
accept-ranges: bytes

GET
H2 200 1702045643-1862908c757191fc2b6b1595b83b354a-840x525.jpg
img.gbyhn.com.tw/2023/12/ 54 KB
54 KB 75ms
8ms Image
image/jpeg 2606:4700:3034::ac43:961f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gbyhn.com.tw/2023/12/1702045643-1862908c757191fc2b6b1595b83b354a-840x525.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:961f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c9dd4183d54fd885636b39d8775c7abe9474544ab32dcdb30f52d2df5f9d451

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49842
alt-svc: h3=":443"; ma=86400
content-length: 55188
last-modified: Fri, 08 Dec 2023 14:27:24 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RYYe9moHanbWmS9qp5tXbkLN2OjFffALJoxQVNs1KiUdbVJRTDzvduKI4iYwVOYGS%2BUhc6%2BKuixSseLLH6jVtwqGQ%2FWmDjNsMtP3rz42s4DbHLF7ShwnUF8GZQOGFeUsQybnHVZGCSiRyg1U77h"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 832ac0aedd0aafbd-NRT
expires: Fri, 15 Dec 2023 14:31:26 GMT

GET
H2 200 ESR_Logo_Logo.jpg
mma.prnasia.com/media2/1876479/ 18 KB
18 KB 38ms
17ms Image
image/jpeg 2606:4700::6811:efc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mma.prnasia.com/media2/1876479/ESR_Logo_Logo.jpg?p=medium600
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6811:efc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: eb1dcc6858928161e0f053fd744a2039bb7c340473c48c38eea01305c9109432

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
cf-cache-status: HIT
age: 57117
x-powered-by: ASP.NET
server-timing: intid;desc=cbb846fcf3a00f17
content-length: 18053
cf-bgj: h2pri
last-modified: Fri, 08 Dec 2023 13:16:21 GMT
server: cloudflare
vary: *, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 832ac0ae8dc67360-NRT
access-control-allow-headers: Content-Type
expires: Fri, 08 Dec 2023 13:16:22 GMT

GET
H2 200 2023120802095359.jpg
img.racingcharger.tw/wp-content/uploads/ 307 KB
307 KB 911ms
225ms Image
image/jpeg 61.216.47.122
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.racingcharger.tw/wp-content/uploads/2023120802095359.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.216.47.122 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-216-47-122.hinet-ip.hinet.net
Software: Apache /
Resource Hash: 9c067c26f5bddfc2d3810a3ada3371fb1f5e2350d76342d4050ab3fc67335964

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:22 GMT
last-modified: Fri, 08 Dec 2023 02:09:57 GMT
server: Apache
accept-ranges: bytes
content-length: 314534
content-type: image/jpeg

GET
H2 200 2023-JCB-%E6%82%A0%E9%81%8A%E8%81%AF%E5%90%8D%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2023/01/ 49 KB
49 KB 523ms
109ms Image
image/webp 192.0.78.24
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creditcards.com.tw/wp-content/uploads/2023/01/2023-JCB-%E6%82%A0%E9%81%8A%E8%81%AF%E5%90%8D%E5%8D%A1%E6%8E%A8%E8%96%A6-1080x630.jpg?crop=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e6478184fe5d7ab4f3bad23a1d02c3331f979cf4fa2a38eaf2ea6e53f54f391b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-ac: 3.nrt _atomic_bur BYPASS
content-length: 50242
x-nc: HIT bur 4
last-modified: Thu, 30 Nov 2023 05:13:28 GMT
server: nginx
etag: "fe1c2850a81cccd5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
expires: Sat, 29 Nov 2025 17:13:28 GMT

GET
H2 200 %E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8...
www.rayskyinvest.com/wp-content/uploads/ 612 KB
612 KB 294ms
6ms Image
image/png 34.160.17.71
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rayskyinvest.com/wp-content/uploads/%E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8C%E7%94%A8%E4%BF%A1%E7%94%A8%E5%8D%A1%E8%B2%B7%E4%B8%8B%E4%BA%BA%E7%94%9F%E7%AC%AC%E4%B8%80%E9%A1%86%E6%AF%94%E7%89%B9%E5%B9%A3-3-1140x570.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.160.17.71 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 71.17.160.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Sat, 09 Dec 2023 05:12:21 GMT
expires: Fri, 06 Dec 2024 17:04:26 GMT
last-modified: Sat, 02 Dec 2023 07:13:09 GMT
server: nginx
etag: "656ad905-98e3b"
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 626235
x-cdn-c: all
x-sg-cdn: 1

GET
H2 200 file.png
static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 248 KB
248 KB 37ms
3ms Image
image/png 2600:9000:20c4:2c00:1e:5c56:d400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c4:2c00:1e:5c56:d400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty/1.21.4.1 /
Resource Hash: 0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-seen-by: image-manipulator-7c76496fbd-bz6ff
date: Fri, 13 Oct 2023 11:18:20 GMT
via: 1.1 google, 1.1 78fd2dd77f1411fa090a7c2472c34d76.cloudfront.net (CloudFront)
server: openresty/1.21.4.1
x-amz-cf-pop: NRT57-C2
age: 4902841
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: a4zV-po6KenFcQfB-fXCHlWPTfQLJbz-uEb8eil9LHhVOlXA2erMWA==
content-length: 253615
wix-tracer: 2WhrxaKwv8p2lJNwgKmnBT7r70v

GET
H2 200 2023101023413094.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/10/ 107 KB
107 KB 24ms
4ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/golike.tw/wp-content/uploads/2023/10/2023101023413094.jpg?resize=1024%2C535&ssl=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

9c95792b14cad4642ea9bbcb71cd49f6d2d57bd3a53bc1bc8630e26bbd6fd5a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 109448
x-nc: HIT nrt 8
last-modified: Fri, 13 Oct 2023 09:02:46 GMT
server: nginx
etag: "ab5b506272fb167b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://golike.tw/wp-content/uploads/2023/10/2023101023413094.jpg>; rel="canonical"
expires: Sun, 12 Oct 2025 21:02:46 GMT

GET
H2 200 %E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 180 KB
181 KB 156ms
143ms Image
image/jpeg 192.0.78.187
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
strict-transport-security: max-age=31536000
x-ac: 3.nrt _atomic_bur BYPASS
last-modified: Thu, 27 Apr 2023 05:06:22 GMT
server: nginx
etag: "644a02ce-2d1f7"
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 184823
expires: Sat, 16 Dec 2023 05:12:21 GMT

GET
H3 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 3CB5 573 B
713 B 3ms
3ms Image
image/png 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:21 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints
x-fb-debug: hunL/IAdcY3BvlJMCcr6IKE0jX4LAhF7cJqtIBqXywI6yCJNyqlJvzl9Elna90yfg1stP2h0+Z+EM/8NhlICeg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 30 Nov 2024 18:20:20 GMT

GET /
www.facebook.com/platform/plugin/tab/renderer/ Frame 3CB5 0
0

POST
H2 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 3CB5 955 B
823 B 115ms
115ms XHR
application/x-javascript 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d93088c88a0a53dbe42d9e8b8aab868cc97c3ea3824dc889fd952f733ca4b0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: ADoeN5WnZErzp4uJaqCkBd
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 05:12:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: NzldiBDhPn/BnERkNpyw6lqF78Uk5kA352o7UHQhCVnfLL7ItAPDx6P+HnPoFiTXkvo0OsRM/ft9aOTemDPiPA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 3CB5 955 B
662 B 106ms
105ms XHR
application/x-javascript 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a14d043f208332cd432f3143522663a90e02624c733b5326a005c58328150da2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: ADoeN5WnZErzp4uJaqCkBd
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 05:12:21 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: Ea0Z3C1bfBVs1zExbZgIbh2Ayhs+iY8uuLqsPAIWy0rYp3xmEG+l3FljUeLmAcykZ39Xkt6nat5WCn1lubbBLg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 3CB5 12 KB
12 KB 4ms
3ms Image
image/png 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:21 GMT
x-content-type-options: nosniff
content-md5: Bsv/k/2TeJemYEeLUt4www==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12027
reporting-endpoints
x-fb-debug: Zly67A9uiK4BXlA1K7W2pLaoiRaq35m10NwiyooDLC4//RAIHzweNbT3qCxb1aUCKc+H8YZKPn2tPcNhycnndA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 29 Nov 2024 21:02:34 GMT

GET
H3 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 3CB5 1 KB
1 KB 4ms
4ms Image
image/png 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
reporting-endpoints
x-fb-debug: 8q9xXc98bDRZcu3b+M7gSHEFAjqRgMOziWN8kUd63Af7v88fW+rsCOju4i+EiodqNmECk0ZUHxP4MQ6wMmbaMg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Nov 2024 18:31:31 GMT

GET
H2 200 b03rUpj3fKJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ Frame 3CB5 12 KB
4 KB 4ms
3ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/b03rUpj3fKJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b98745699334e83f49350bbf814a657f787ae1d515b8e41df4856ea89dd2f8a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pG8ZphjXUfeB/6xAtn+7sQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3454
reporting-endpoints
x-fb-debug: QbY7vBrUnHxHJ39twa7mLNqSvHYEz0LP1BTgrLXSO1kDC3/idXiRghNFMLB7QLjwn8BZG79XJrzaTsnlfoXQHw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:17:58 GMT

GET
H2 200 C8LrV2fV5JS.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 3CB5 339 KB
73 KB 4ms
4ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/C8LrV2fV5JS.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5d28e955cf2bc7eab352b6053c691492b7436b141829f69b52f3639f86beaa96

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uzIAFtOVooYStiVL9khrKg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 74671
reporting-endpoints
x-fb-debug: vlEiOC6uL2/YYBqcYsBiLXyqIswmg/oH7ujbKFllHBGNXTqmV+Kywqu/EULMuEuC1g2VnZqOpp60zrq3jEvjpQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 20:41:25 GMT

GET
H2 200 QQEU1-TaC4N.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 3CB5 2 KB
1 KB 4ms
3ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/QQEU1-TaC4N.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uDyhM5TI+HxzvqrjM1/g4w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 898
reporting-endpoints
x-fb-debug: MZn39iQqRe6Hx2BVJybyP+dXS49MQskd3qRoob1wDHNMJJ8TjpP0auaMYITbZoB2dXfXVxzi39yHNvpXcjAWew==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 27 Nov 2024 18:15:52 GMT

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
689 B 354ms
115ms XHR
application/json 52.74.150.191
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.150.191 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-150-191.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 0e091ec6bdcfa6f61b975d7a3ef3d1d2b968ec460ad7a6d5d7e49af16a75f8f9

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:21 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://reurl.cc
cache-control: no-cache
x-server: 10.42.16.186
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H3 200 ieeHDjcGsIR.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 3CB5 213 B
354 B 2ms
2ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/ieeHDjcGsIR.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:21 GMT
x-content-type-options: nosniff
content-md5: oSUZEsOZh+qyGbXjvLFs7Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 213
reporting-endpoints
x-fb-debug: OLjghb5kADYd0BXUDGICfOdp+Bv8hRzVR1CvMSC+V798Snd7RCWlLsbvOGtc8fwyyiHPVh6YJiHG3APzOvzayw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sat, 30 Nov 2024 22:41:13 GMT

GET /
www.facebook.com/login/ Frame 3CB5 0
0

GET
H3 200 /
www.facebook.com/login/ Frame 3CB5 0
0 131ms
131ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 09 Dec 2023 05:12:21 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: 9HU5w5J8o91lS3wuH26dv1mpr1gdPluGPs/uZ5U538v4GCFUXK6gEkQVT/wBbyKLsZQ5QE1I04z8pmQsiCxAEQ==
x-frame-options: DENY
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 0654 484 B
724 B 95ms
44ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a451320a9691f49560233d342e7fb2b6eb5b2ec15110fc69ea5c698b7e25edc5

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 308
content-type: text/html
date: Sat, 09 Dec 2023 05:12:21 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B619 0
0 47ms
45ms Fetch
image/gif 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPRBp1R3RZXtP0kT8kbNVRf4lI7KWlaDynPlkSaq8MA0dyyGoInHMFt_Bsm4NvRrd2WnV2rssTB0v2lV-CINJzpbZAY58PqqG_nouEJJCz6lWZHaCfNEeYjeZIIK6yo1KRjTlTyFNgWSH4RkabzpfQgeGoXBAIWWESeXhPPyEIStV0EAaUNpoKF4syjzjN13OWW44eln5RZXWhGzfiv9TzOKRtc8XqUwB0CVByrLV6zVikZjXtkr3AOi6-nAwwFJDJCHn2o2oAATsz5sXeRqPudJU69dYQ4TJr4P_G5Vor3tFncKpqz6Xg1AXPqwRUf3cUnrblXFzOMZ7J1jVITJGuKrSXc3PtvEhBXzwfvC3oeywu9CvPmt_OXxI&sai=AMfl-YTeyjQ-e9ssEsCKd9_kyhlPGqSfjAUprfdJh4gSytY6bjrgRjgzGHiKKh2gdir9LjkVxRJPeNis2tpA8aWVVeY1P_FmCL4Y37nzdTYadeNL-fcw3uJxnsQApmD1iLf94LqcWBwALony1ij8UstNBWp-wwrndtvXFthmH3c&sig=Cg0ArKJSzIMwG4fIL3QmEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 05:12:21 GMT

GET
H2 200 7942.js Show response
cnt.trvdp.com/js/1250/ Frame B619 535 B
900 B 230ms
3ms Script
application/javascript 18.172.52.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/1250/7942.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.52.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-52-51.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:28:17 GMT
via: 1.1 519e2bfef4c665bcf2d6bc3a374c5f82.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 15:54:16 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-P2
age: 5186646
etag: "f229c3a6991d60be41be6d40e220701e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 535
x-amz-cf-id: oAFwD9fZ2anoqTsuOptSBD1f6GhhiJY0D50rLqRlGPuIBVGJC8lgLQ==

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B619 202 KB
64 KB 139ms
95ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 05:12:21 GMT

POST bz
www.facebook.com/ajax/ Frame 3CB5 0
0

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 40ms
39ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702098741161&gcd=11l1l1l1l1&dma=0&cid=778870899.1702098741&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1702098741&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=scroll&epn.percent_scrolled=90&_et=18&tfd=1144
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0654
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=9bd42dc9-074d-74ac-ef86-149070eb84dd&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=9bd42dc9-074d-74ac-ef86-149070eb84dd&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=ba69f9a0-ab33-4062-b479-9cf32f659ae0&ttd_puid=9bd42dc9-074d-74ac-ef86-149070eb84dd&gdpr=0&gdpr_consent=

43 B
314 B

50ms
41ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=ba69f9a0-ab33-4062-b479-9cf32f659ae0&ttd_puid=9bd42dc9-074d-74ac-ef86-149070eb84dd&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:21 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=ba69f9a0-ab33-4062-b479-9cf32f659ae0&ttd_puid=9bd42dc9-074d-74ac-ef86-149070eb84dd&gdpr=0&gdpr_consent=
date: Sat, 09 Dec 2023 05:12:21 GMT
server: Kestrel
content-length: 335

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame 0654
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXP3NsCo8X8AAE6EtgQAAAAA

43 B
97 B

45ms
39ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXP3NsCo8X8AAE6EtgQAAAAA
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Sat, 09 Dec 2023 05:12:22 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"31.204.145.167","key":"ZXP3NsCo8X8AAE6EtgQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40179"}
X-SO-Key: ZXP3NsCo8X8AAE6EtgQAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40179
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXP3NsCo8X8AAE6EtgQAAAAA
Cache-Control: private
X-SO-HostName: a-ad40179.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 4
Content-Length: 0
X-SO-LB-Hostname: m-tgng27.dc4p.scaleout.jp
X-SO-IP: 31.204.145.167

GET
H3

200

sd
jp-u.openx.net/w/1.0/ Frame 0654
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AVoX5UzWzK04ks8AEDmpj8xGsc8AAAGMTP2rhQ

43 B
61 B

42ms
41ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AVoX5UzWzK04ks8AEDmpj8xGsc8AAAGMTP2rhQ
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
via: 1.1 9095214c63a79378c44a32c3efc102da.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: NRT57-C3
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AVoX5UzWzK04ks8AEDmpj8xGsc8AAAGMTP2rhQ
cache-control: no-cache
content-length: 0
x-amz-cf-id: 5SWTqKwcLlQSy0ZEIaru8sQZx7IfRpE-oU084sUX4KBdNIpyo65Cig==
expires: -1

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 0654 170 B
243 B 91ms
46ms Image
image/png 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjdiYmZlMDMtY2UzYS0yYTA4LWZhNjYtNGUyOWJhMDk0YWJk

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0654
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEwq9ZiDYjWGIP8oahuNWa4&google_cver=1

43 B
97 B

41ms
41ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEwq9ZiDYjWGIP8oahuNWa4&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:21 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEwq9ZiDYjWGIP8oahuNWa4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F155 15 KB
6 KB 462ms
159ms Document
text/html 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

35aea5afa69eee0a6a77678f980729d3893f8ff4b2872e749c4b7f6375503710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 05:12:21 GMT
server: Kestrel
server-processing-duration-in-ticks: 267078
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 container.html Show response
77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 996B 6 KB
3 KB 4ms
3ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 05:12:21 GMT
expires: Sun, 08 Dec 2024 05:12:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2DEA 448 B
661 B 88ms
49ms Document
text/html 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CP65dhCO55oBGPyYmoACMAE&v=APEucNW9Visguu6RA3Gy47YLiX2FEL5ezDu_MeeofdvtXy3-aO1paA2f3vP4b14WLn9OePfqux92Tqu-WcpNLTfYN23bvv0G-A

Requested by

Host: 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com
URL: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 05:12:22 GMT
expires: Sat, 09 Dec 2023 05:12:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 996B 111 KB
39 KB 51ms
4ms Script
text/javascript 2404:6800:4004:825::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
Origin: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 21:54:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26264
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 21:54:38 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 996B 7 KB
3 KB 48ms
2ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:36:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34547
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:36:35 GMT

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 996B 24 KB
9 KB 45ms
3ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 17:29:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 17:29:00 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 996B 41 KB
14 KB 45ms
3ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 14:48:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 311037
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 14:48:25 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 996B 3 KB
1 KB 46ms
3ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com
URL: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5465
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 03:41:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 996B 20 KB
9 KB 43ms
1ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com
URL: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5465
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 03:41:17 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 996B 42 B
173 B 82ms
41ms Image
image/gif 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AdXkabUqaL1FpDlNHXW32fp70nX2Ik_1LVLlccf_7vI5HP-phdNl8hDfNm2CmUyB1-lFwpyNuDj8NHcUp0yOhl8JsyYo-aAQPiLuGTnaklmdqhnNc

Requested by

Host: 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com
URL: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 996B 202 KB
64 KB 84ms
84ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771

Requested by

Host: 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com
URL: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 05:12:22 GMT

GET
H3 200 container.html Show response
77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2513 6 KB
3 KB 3ms
2ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 05:12:21 GMT
expires: Sun, 08 Dec 2024 05:12:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 52DB 196 KB
56 KB 48ms
3ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 07 Dec 2023 15:55:11 GMT
age: 134231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Dec 2024 15:55:11 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 52DB 15 KB
5 KB 51ms
6ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 07 Dec 2023 15:42:12 GMT
age: 135010
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Dec 2024 15:42:12 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 52DB 95 KB
29 KB 51ms
7ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Dec 2023 18:34:10 GMT
age: 38292
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 07 Dec 2024 18:34:10 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 52DB 5 KB
2 KB 53ms
9ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 06 Dec 2023 19:42:08 GMT
age: 207014
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 05 Dec 2024 19:42:08 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 52DB 40 KB
13 KB 54ms
10ms Script
text/javascript 2404:6800:4004:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 07 Dec 2023 15:58:35 GMT
age: 134027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 06 Dec 2024 15:58:35 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 52DB 868 B
840 B 88ms
43ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=I1%E9%81%B8%E3%80%81%E3%81%99%E3%81%AB%E3%83%9EE%E3%82%88%E3%81%84%E3%81%8D%E9%96%8B%E3%83%89%E6%88%90%E3%81%8B%E3%81%9D%E3%81%A6%E5%BE%8C%E3%81%A1%E3%83%AB%E6%8A%8A%E7%84%A1%E6%9E%9C%E6%89%8BA%E3%81%BE%E3%82%8C%E3%81%86M%E3%83%84T%E3%81%8F%E3%81%AE%E3%82%92%E3%83%BC%E3%83%B3%E5%85%A5%E6%8F%A1%E3%83%AC%E3%81%A7%E7%AD%96%E3%83%88%E8%B3%87G%EF%BC%9F%E3%82%B1%E6%96%BD%E3%82%84%E6%89%93%E6%96%99

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac36a85a251149861b7b2e9d8d250b0aab66110f681d6827e8e979cdfaa1ad3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 05:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 05:12:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 05:12:22 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 63C8 0
0 52ms
51ms Fetch
image/gif 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu75xun-p_ReZ8aOPyQT3t_9Pqh_65l8WKosADs62irmguThHa17rWNHvukOeAJsf3nHaqG5hRvQGaWcZ8vAY4QvJbK0IcT-9JHqcONrshF85HQ5CNbJAHfni5Ix7gapAWa3h9nrz1c9BsLSIc04HSzuPTpY47tI0Ye_itVGLDMfX2YwItMMKJruRwablQGxQ57E210o7cwgkKNIy-Tk9kbvIOGuixnXRA7Iu7ZBpxKwDcDSVdWqL2DmKNyv7sT9bQh5-6wqLgY9fWPKFsPWwXKec2Qi__NrMSW_sFo6XsZEFqIQBSVLdkisygsBPzwsceg1ARm5_n5xl5fGGH4y2zVyQu1cVhjsi4f2fa7YtdLaGA57UVvD9q8ZW5vllGO&sai=AMfl-YR4w0Y9EHcEgttx3tb70dBNtfsx8tYCFq000fhtq5aFO7XOxB1e3_Ug70sM7Dj_rcduDu_kvJ097cNHRwWDMIztTdp6TnY1ep306sBm7jMlqIgRDDQ-UGVa9Xw0TCiovEe79FD7n5RifX3sf7ggxKlVbDg7gGOCAmDJZg&sig=Cg0ArKJSzAg8yfXHh4dTEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 63C8 9 KB
10 KB 241ms
5ms Script
application/javascript 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date: Sat, 09 Dec 2023 05:12:00 GMT
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 00:04:29 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 23
x-amz-server-side-encryption: AES256
etag: "2b18447e41c64d14195cefd72eb57400"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9645
x-amz-cf-id: TcTOC3mAXiccvYSOSe_zVaSh6UgFecM87gV1Gfck6PhXAnrpLpiX1Q==

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 63C8 202 KB
64 KB 124ms
123ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 05:12:22 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F17 0
0 46ms
45ms Fetch
image/gif 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswDrO8WZ_hCZi8C1pI1uPxKoieWO_ZVrn4lsi9roAS9HrF64LNsjozJZE45ZuIYfXACWDVjPM25RhsAvicEw8MA07aYN7hSB3A8J1Cp2trWPYSYz3HSW7Oc9CDarGDY5w-8LOBQd4acqzYF7cDrodNisye2MxRJ8oVk340slBBiyNJ2JHKaaUb02m7sSDmlWSgP0t_YZDf2ywD6gity2HCfKz7DQDYKnbHEZKTaV-wId2lrvfQZs8DqqHvKzwmGDicw1Uoa74Mny6h6e_TleaAl6d3mhadgi4kEMr9WdIQZDgulwCI9VLOCKtemtN-Wo2vmX9jA87orgVgQsrYjDhqTcV4YKo4elW2ftVvQWXn32a9GlpOQ3SzVVGdpKbO&sai=AMfl-YQPsUoGLCucL2ZBQsQ_3hfNCmZnLtGNvd1ymPokyxCKgRO7lAB4tIkYP9Jt9Rwuiz6MQiUIPNwIyajBeotgDoLxmqfN8Sf1uLfQ-pVk-NjL-mKyEkHocWz0QAipGGH6hfuHp3UoyLmmuvI6DfQu_FHIURMytFNMfG9BZQ&sig=Cg0ArKJSzFtMgU7NDjMLEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 6F17 9 KB
10 KB 233ms
5ms Script
application/javascript 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date: Sat, 09 Dec 2023 05:12:00 GMT
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 00:04:29 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 23
x-amz-server-side-encryption: AES256
etag: "2b18447e41c64d14195cefd72eb57400"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9645
x-amz-cf-id: Su8YgkVrhFRLSXNdJVgYhDhMO51wkJsWjBioqS-QEVDnvwGEsjoRfA==

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F17 202 KB
64 KB 115ms
114ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 05:12:22 GMT

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 52DB 3 KB
3 KB 5ms
4ms Image
image/png 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 13:37:46 GMT
x-content-type-options: nosniff
server: cafe
age: 56076
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Sat, 09 Dec 2023 13:37:46 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 52DB 344 B
474 B 5ms
4ms Image
image/png 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:42:57 GMT
x-content-type-options: nosniff
server: cafe
age: 34165
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Sat, 09 Dec 2023 19:42:57 GMT

GET
H2 200 6374493954456260970
tpc.googlesyndication.com/simgad/ Frame 52DB 3 KB
3 KB 3ms
2ms Image
image/jpeg 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6374493954456260970?w=100&h=100&tw=1&q=75

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80681585e3e5eda2d4eb799a13afa40d0546a234fde891115de6fd4ec614b47e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:58:01 GMT
x-content-type-options: nosniff
age: 134061
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3187
x-xss-protection: 0
last-modified: Tue, 22 Nov 2022 02:54:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 06 Dec 2024 15:58:01 GMT

GET
DATA 200
OK truncated
/ Frame 52DB 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc79b0caa826fcf3ce95252aace76796eb3e5bb66ecb12ccec5d9b4a1d0410fc

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4160 611 B
310 B 51ms
44ms Document
text/html 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYhKDS6QEwAQ&v=APEucNVeWxDgX0hQUE4TSzXAmmQ0wncdDOwlw2EAzB3_q_mQzeIXfT7VEveP3abO52LGGL--WjtO2VDlXtp4mIy9ZUPuA0nvow

Requested by

Host: 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com
URL: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 243
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 05:12:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2513 89 KB
31 KB 70ms
64ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com
URL: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 05:12:22 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2513 42 B
107 B 48ms
42ms Image
image/gif 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DPdfpwJFEuI_KxKulIv_z_d07cAQAKUH9VoWgPjxZoum2BUdAwdUe67-QGX_beGUjJdTda-zuNwfm4OsItBrfnxGPEDt32rjnq8Z6UN0bixdATpcw

Requested by

Host: 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com
URL: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 2513 2 KB
1 KB 15ms
2ms Script
application/javascript 2600:140b:a800::17c3:5b8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115741&plc=4158900&sid=18330&dvregion=0&unit=300x250&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0iKpMXY_s0HjZLARYz3H_Hl&c1=3060631&auorder=1011537657&aulitem=19996375611&aucrtv=489984004&auxch=1&pltfrm=1&ausite=449233607217&turl=https://reurl.cc/gaOWLp&aubndl=&audeal=
Requested by: Host: 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com
URL: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:a800::17c3:5b8a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: bcf8f42f390686367155673ac10b31702dd14b03764d9ef4bf1554a2e5a1b459

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:12:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2023 07:41:51 GMT
Server: UploadServer
ETag: "4bec59ab2a9fb77e9ba1af294cf3504b"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Sun, 10 Dec 2023 05:12:22 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 2513 9 KB
4 KB 15ms
2ms Script
application/javascript 2600:140b:a800::17c3:5b8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&autt=1&ppid=103&aufilter1=3060631&auevent=ABAjH0iKpMXY_s0HjZLARYz3H_Hl&c1=3060631&auorder=1011537657&aulitem=19996375611&aucrtv=489984004&auxch=1&pltfrm=1&ausite=449233607217&turl=https://reurl.cc/gaOWLp&aubndl=&audeal=
Requested by: Host: 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com
URL: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:a800::17c3:5b8a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 77bcc9a2018d9882752571a1063ef8fdfdb22353f6dcf019be8d5eff94ee063f

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:12:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 09:57:43 GMT
Server: UploadServer
ETag: "acd98c72a3678fcc8c90582582f71fb9"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3638
Expires: Sat, 09 Dec 2023 05:27:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 2513 3 KB
1 KB 7ms
1ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com
URL: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5465
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 03:41:17 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 2513 20 KB
8 KB 6ms
0ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com
URL: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5465
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 03:41:17 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2513 202 KB
64 KB 69ms
66ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771

Requested by

Host: 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com
URL: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 05:12:22 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 2DEA
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
232 B

67ms
66ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP65dhCO55oBGPyYmoACMAE&v=APEucNW9Visguu6RA3Gy47YLiX2FEL5ezDu_MeeofdvtXy3-aO1paA2f3vP4b14WLn9OePfqux92Tqu-WcpNLTfYN23bvv0G-A

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 09 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2DEA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEwu-qqv3ggobs8IhvOZ418&google_cver=1

43 B
772 B

18ms
17ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEwu-qqv3ggobs8IhvOZ418&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP65dhCO55oBGPyYmoACMAE&v=APEucNW9Visguu6RA3Gy47YLiX2FEL5ezDu_MeeofdvtXy3-aO1paA2f3vP4b14WLn9OePfqux92Tqu-WcpNLTfYN23bvv0G-A
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJEXcii8zOP%2Bt%2FeN0eEhaHfSPgGN3EEqhOdpdCn%2BEuR6zquewbs4YHKkHlecvj0VOmWVfEGPtkdvA3X2vvZLvI7HpWRi8CTZ%2BmPZ5JxlJrlMAjdH2NNgFhvyiWrTtHoquDPeLllWgA%2Fs%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 832ac0b269363445-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEwu-qqv3ggobs8IhvOZ418&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2DEA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXP3NlXlaR55gr7Hr9bIXAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEwu-qqv3ggobs8IhvOZ418&google_cver=1

43 B
738 B

20ms
19ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEwu-qqv3ggobs8IhvOZ418&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CP65dhCO55oBGPyYmoACMAE&v=APEucNW9Visguu6RA3Gy47YLiX2FEL5ezDu_MeeofdvtXy3-aO1paA2f3vP4b14WLn9OePfqux92Tqu-WcpNLTfYN23bvv0G-A
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpXiqxA2ENK%2BIhSlAKB9YwH%2FjiP%2BSq6MVISRf38HmmjPyj9dTzQBt89ExQfZ39Uh3GRWr8WKjb9yw%2FzEIALLmBTjNrNBWih0pkK9TabHMnZ%2Fls8q%2FpKtMBoV3sivMY5P5akpqSvUG4FIrw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 832ac0b2b97b3445-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEwu-qqv3ggobs8IhvOZ418&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B5D9 38 KB
13 KB 3ms
2ms Document
text/html 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 206867
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 19:44:35 GMT
expires: Thu, 05 Dec 2024 19:44:35 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9141147538204256550/ Frame A23C 93 KB
20 KB 45ms
4ms Document
text/html 2404:6800:4004:825::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9141147538204256550/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d019fc735f42e920240af373f78509070ff773427d39fd46d00031c42e5996c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 145487
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 20574
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 12:47:35 GMT
expires: Fri, 06 Dec 2024 12:47:35 GMT
last-modified: Thu, 30 Nov 2023 15:51:31 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 996B 0
0 98ms
50ms Fetch
image/gif 142.250.198.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssyFNWLwALRLk-CwUvyl67byq-nfGAauC0cJ0pBML-9B8BOSetmFfm9s92mUcrlpGh-kn8TrUc4g9JzMk7J_puJzOOfVcLAq8JNnpUamgIx1zs6CXWhIE-0laUfsWQ7nGsmh8A5mU9fXEuZZuR-2fj6_6p7HnU3j-RvVy-ylN2rCNehqHj8lpehUZXDJYACzsNXaXElI2uZp2aM7zvkD9mWeRrb0Bn08ASuhw_KcmaC54GRXB4-mAqyXRf9looQaNTTaJBsgQsjj-UbDw4QwpZmYvpOzYXa5eB3Jx7lKhyQ1JfvV2RY3CejRF4LQKcrIolzoM-DydboH2OadBtUdkQYMXwRf5KEQzG62jMqVppKYogffv_ZCagowD9XAg7m2yoL5xYbMN-CykoqYZIMKx3iXJeH4Vol_TxEufRAGTPKqms39DMESjlqlQ7x1QHSxUl_C_rYKX9sy8nnVMigrB1rTgO-P0Kf6UfivOncr60171qA6g8F49ivxCevyiYIKeVm1hHq-lkR5PJfewP8EHJfXSq3_kkV_H3y6tz2SAB44UV9VWFtbcDuzVBK-tblWry547sTZiDacCSctQLRslOe_wJB-pfh8pgRmesKMpHxU0RKcKtg3gQjK1_4nWfONYZNxPWkoAC2082OJBwtbvqyyxrLeNiw8EhwCSUMQsjjxCHDwO74tcLK9OksPnanHL5kLjPZxBgmpp-iwrx21FldSOSEgJCcfOPb0zDWRjQtbWmklmJD_FzsfvqtwcM-kijOkdFgZ_lUzM_fIp5MYGIv3Q7d9Y_Yl8c4OJWiJkuHvckk8CV00Sm3ZDZe1iHO5KH0A1fapNnI12PI37gfcURP9H85qH0kmlJUF4TLQebuP2ijkvcL-8gUfpvXFsYnfQGXRQGofO8okn1zT7d-XKzThu16fc3SLqQ-wfm9tz7b94N0g-7iW0mlpaLDwOrAyTjHz-Pn1hYBJUjh_2c5cI-O18ETL9gpcplIai63xN4ogLaaMtSm5J8638v269w2pytAx2w3MOUikmPjdJZvy7O8RF8hoSZr1QRRi7cCQjP6Ll4nt4vi4xFcqcS9KPk7-LvfNqWvnnw9FT7NJsqFkR_-NPUm_ZKVRgJNEfBTFl52SFwu_g9Ox9LlJp-vALgj7vPkXEz5mru0HbO5SIruLMgQbu493CJi99PCBTK1PL4u24Yo00cNJXbTM3JmXx7RKgWB84F3zI-JGpHTPVlhhe8TLoSfaaHJ7XuLdWn5bstbfkWwgddRiT8yrapSu62XNRAb_BWjbgEaSWW3fidft4YlO_AWZDkXcr-knqjlJhDkGF9EiKofyWd6fvPYB3LfS6XryPXAiXBTuVIpmTdFTWc&sai=AMfl-YQ2mhz5TSlmd-4D90q8aS6G83DMieGkwwrzzJUL4J_vilRQmxJ0s_ERzdM8zlDv_18DN4dBay7BuNgZ8AP1k2Ew50jsSOOFoPxmdtQ8Ywy_u567-dEndQGcZ5tuuNtLNWdtWIsyp4wZPkB39IlCTaC1VEY2KBTgmm1fNBRvRxvNHG4e_RsxdXDdbrib6vyMushtqfGkrGRIG_oqF1MbmZdtNQDu7Nrypkz9qs4T-ENHzhfsBGsoK1uNti9hidr9Z6y-ikPTXfepxF9rzbZC3OfiLfGlDHCJVrczb4YbI5SV0EZ4-n8CCntrmBaDT7V7U2p2_q2oZJIcjEYJYEayMj8BALfhxdiaQt_BN0i9d9EwxO5Yfb4D--vEbNr85SmtsypITCha1xLa6UBrDypoe_aAXUWrFE6h2o6SCiSWxfMr6qxapqLaKi-NGGpDCCz8fWSE7Ufgzia9GKHO65KUyss_s5CwjYqhE9Dr-pPQ-DFNj5szf5jnrMf2hGJNLUiYgLpsMA&sig=Cg0ArKJSzD3tXaTtbmEkEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jb2V1cmRhbGVuZS5vcmc&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=106&cbvp=1&cstd=104&cisv=r20231206.52277&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 05:12:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 996B 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bee0b841ca961b8c585f62ee498a1de1cdfd42b76f91155564b12b550d16ba24

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 font
fonts.gstatic.com/l/ Frame 52DB 28 KB
29 KB 114ms
54ms Font
font/woff2 2404:6800:400a:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqs02Ykwq1cWY2DTxoRVzDcOUZ04DWFxCuuodHz3eKtfPTDRlGPjiaFP8eIi0SL1A0gz-pLL19ROhckm4dx_e7Abt1AvOUYw12s0xIEwJsex3-tg4lpnvVk-swJY3czMaYfpbwu59WRPhdAnRQgb38HgpxinfsrM4qsppMLRdP9Uah1mPsKvAMMESpDKHj6vBYlioklkvGN8CHjyfmCPCe1ABcnQC3x110&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=I1%E9%81%B8%E3%80%81%E3%81%99%E3%81%AB%E3%83%9EE%E3%82%88%E3%81%84%E3%81%8D%E9%96%8B%E3%83%89%E6%88%90%E3%81%8B%E3%81%9D%E3%81%A6%E5%BE%8C%E3%81%A1%E3%83%AB%E6%8A%8A%E7%84%A1%E6%9E%9C%E6%89%8BA%E3%81%BE%E3%82%8C%E3%81%86M%E3%83%84T%E3%81%8F%E3%81%AE%E3%82%92%E3%83%BC%E3%83%B3%E5%85%A5%E6%8F%A1%E3%83%AC%E3%81%A7%E7%AD%96%E3%83%88%E8%B3%87G%EF%BC%9F%E3%82%B1%E6%96%BD%E3%82%84%E6%89%93%E6%96%99

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

032c43052bc5628f02ac2de24d0e9c65eeee6783789f84265fc2d0284d0f0406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://reurl.cc
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:22 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29112
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 10 Dec 2023 05:12:22 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 4160
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELtCo0WZIob1z1t8fOhahRs&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELtCo0WZIob1z1t8fOhahRs%26google_cver%3D1

43 B
887 B

70ms
70ms

Image
image/gif

103.43.90.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELtCo0WZIob1z1t8fOhahRs%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYhKDS6QEwAQ&v=APEucNVeWxDgX0hQUE4TSzXAmmQ0wncdDOwlw2EAzB3_q_mQzeIXfT7VEveP3abO52LGGL--WjtO2VDlXtp4mIy9ZUPuA0nvow

Protocol

Server

103.43.90.114 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
an-x-request-uuid: 9bd6dc94-11bd-4553-9587-38e436d71c0c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 31.204.145.167; 31.204.145.167; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
an-x-request-uuid: 534f83d2-6362-4794-8878-15b13de5ddb3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESELtCo0WZIob1z1t8fOhahRs%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 31.204.145.167; 31.204.145.167; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4160
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzNjQ0NTM5MDM4OTE4Mzg2Mw%3D%3D

170 B
188 B

52ms
51ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzNjQ0NTM5MDM4OTE4Mzg2Mw%3D%3D

Requested by

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
an-x-request-uuid: de0cae8b-d436-44d6-a065-a5e3d4777a1d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjUzNjQ0NTM5MDM4OTE4Mzg2Mw%3D%3D
x-proxy-origin: 31.204.145.167; 31.204.145.167; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 4160
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEwq9ZiDYjWGIP8oahuNWa4&google_cver=1

43 B
61 B

39ms
39ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEwq9ZiDYjWGIP8oahuNWa4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYhKDS6QEwAQ&v=APEucNVeWxDgX0hQUE4TSzXAmmQ0wncdDOwlw2EAzB3_q_mQzeIXfT7VEveP3abO52LGGL--WjtO2VDlXtp4mIy9ZUPuA0nvow
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEwq9ZiDYjWGIP8oahuNWa4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4160
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjdiYmZlMDMtY2UzYS0yYTA4LWZhNjYtNGUyOWJhMDk0YWJk

170 B
188 B

40ms
39ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjdiYmZlMDMtY2UzYS0yYTA4LWZhNjYtNGUyOWJhMDk0YWJk

Requested by

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 09 Dec 2023 05:12:22 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjdiYmZlMDMtY2UzYS0yYTA4LWZhNjYtNGUyOWJhMDk0YWJk
p3p: CP="CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 52DB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

46ms
46ms

Image
text/html

2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H3
Server: 2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Redirect headers

date: Sat, 09 Dec 2023 05:12:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame A23C 390 B
354 B 44ms
43ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Satisfy:regular

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9141147538204256550/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

74410ad57ecfdf8c7d5de1459b50aedcca8296e65a45d1be01fd9835117e743a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 05:12:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 05:12:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 05:12:22 GMT

GET
H3 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame A23C 32 KB
11 KB 3ms
3ms Script
text/javascript 2404:6800:4004:825::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9141147538204256550/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://s0.2mdn.net/sadbundle/9141147538204256550/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 06:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 80490
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 06:50:52 GMT

GET
H2 200 7942.js Show response
go.trvdp.com/init/ 6 KB
6 KB 124ms
3ms Script
binary/octet-stream 18.65.185.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/7942.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1250/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.185.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-185-129.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 16:21:32 GMT
via: 1.1 1e5ca059f48c688576a90d719b9ff148.cloudfront.net (CloudFront)
last-modified: Sat, 25 Mar 2023 08:02:02 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P2
age: 19399851
etag: "cec9f63f120ca9bc6868582a79e6b514"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 5845
x-amz-cf-id: wW9XnKx8_RYIKzrAtoIQgU9_nukAviQ_s1rsKyCl4ThFck3xzVnurw==

GET
DATA 200
OK truncated
/ Frame B619 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27942b0b679a9367b2c4430c4147613ba7a01ad9d7e07b2569b9195a83aded5a

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B619 0
0 83ms
45ms Fetch
image/gif 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7_aR15HGl4MbddmJlf-GCQgHlYpV5lY0qD1xVMrbxXirK7--_3pRv4GUyzexgWwXED2har0IfAZVUXb8l2LgqHZgh2oi9lK7BsWS1KXKSDPWDy3dvpGPeCUlvlWJV57d0rPXgkyDdQWmJvhzmSKGK0SWwOMJEcXZZEiSxVD8Tb22EfjiPbIZy2CCBhy9nrBUkeuyVNxBAzYQ3V1HPBIHnDnb7rvPGUabv0dpl0jTL-RsQjUaQd1fPGRFgrjhuW5yFNAyet-QthNDBg1ZsVFNmI4urTEL5VmV9kfWzxwrrvTaDt22RMBXY6ZXahbQZTIjiRCoeKLBfpiWN6tBQkdt7odLm6e5MuaxSzCvoOWdRo-E5P_489KSZO8vBiw&sai=AMfl-YTvCpjN6OueQvCV8Wl6yfYhAvTWacTUznPjMmF3_htC01uqpj0w57Tc1eSsGRMuqrtcLrtqfpXqQ3F8gVAaL4LizvXltMWXfqXYy1AKQ07huueW_DacsQYvlT3cNYXW_0VNb_dexXuc5yk-TT0TE4ei34iHQOupU-giV14&sig=Cg0ArKJSzAY7RZfF9u85EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 05:12:22 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame B5D9 39 KB
15 KB 3ms
3ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 04:30:49 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2513 0
20 B 38ms
38ms Ping
image/gif 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7231386329952&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2513 0
20 B 38ms
38ms Ping
image/gif 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7231386329952&version=m202309260101&ct=77&x=1&cor=11418607384701354000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2513 20 KB
13 KB 81ms
81ms Script
text/javascript 2404:6800:4004:826::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B6amncoHmewLMuD_TaEpoqLlvUcjwtXM6_csfp55T3pBhCKcrnD11LH85GRufAea-arhRPIVfYMDFnnJGq_baAmH4lyE08loVNpyMWkpgvtQr7hb6aXRVBykK6CB8wqrvhMfa3p6QGLjWBU1sTG554WlHAlUWLcKxuFOieEqgZF40odBA&cry=1&dbm_d=AKAmf-ASYvNwimesrzLm-Gz7aoAJ2CFJchtLd9Hn-vWbTVkeLAbV7deST8ekAfZUn0eIow5-bnq7QuGOcfwdpYUKjA1TwagPdr5MtIyjJRzFEJ5sBboRVCzuBGd3_Uw7pskwjk4Xe0_JtLg0fIEDjS40Eexmf5seqtU2M2SiVxAf34-qjrbGl_11Uk9j8flfDp7A82QgMG9y-FKJqv_jRKkOuofjeHY-onr70qrfeDIXAHbT3Y1HUlkihQfvVyU9EqVR_kB6POOry-FBR42Ras6WM8fin8cgNNRw9zNTSRXTjYDfAAIC0uNCuf25tCa55KLZ5fSUGJc1jWw7wMlOOEomDT7AKj4jAuwdZGI7cx7sF05VlRqmTkr-5LTWa_lnrLVB5I0JWuYi0t0Qi1RHep-ch0i4MXYLR5WDDxmR4HZ50gsyadNc6cPO7S26Ku0nRjKpvW5J1E2HCsRc03iUYY0jCgKf0QJ_kE2ovPcPDKvvexZNmxv8-px7yqOOBLr4bQAZDoM_SxPLG26xR0XomC5pKMOaGvx5uWy-YDUsct0vceJqotgATJRWmqHs40xjcQIHLJt2Uxq5EM7kQqq2WDegX9NHfLrvhhQ9i6sIZWSw2sOTDxtRaAkaFp6qdo5ldBQSgQ2FYvwtaE2vh24Rn_NeVE99NOm9a_lJZ_fLSZw3mpjPn9zaZSAFZ03aN6RCKyayJrIMEp_GGCJBx3Pt0m1xLBoRLIr5iOHxkOrhCF3-q1mTqvn0gSVc8xk-bVph3eOwhabqnwxl_OftLz1htDwkf71hbzVj2KN2D5NfmRRtJDsHnkZBOOG2-XICtN-Da_St_qMEmCIr1QtBKfknHprPLVzwOpkl9I7ACiwDlShC_4mrbenFKApAYzf1EHWqOHNErXSW0Herz0KNVSJtQ_I5EbKW_U3wqpQpCDKX_eg1GTSyol50Fxux4tDb-EdxkLHyA0eamA3xKDIN8mMood6h82kJlj4oJl5w5PipKPW7aIU3lQ6QMvVhFcVNAQ4SJS0xGZYZOPzd0c-1tsmL9f--eCKyfPrh-lH4eFy8wBNkWdgWbHQNo5iUYJis71cndPzctro4H-SsA1grTJlzgaip-awbzPAXZJMwR4dHWzgzuystjRH7iMcN3AMRefICUHEND2FA3SZW_w0Tso2_Q5jZ2h46W54NdxTdMIyabdM7JaWD7E0AlmzXTqoQW0leFWvpBM2mdqW8K7AihA_c_0Qk-VRV8Ex8QaVybEGnVGp4a4RBIJwupzaYtVMbP7IU5VNkJtM7X5BgZeYrpksXvlT3sypo1Kk9CShu8xCCRqrX00aZrdBSgDcQGUs4LCaR6E4jrj7UXfpvFaBfOVnFVqgybfLx1Yh9riHbLLgoyJ2XoKhiW9JlSBENvFn2BwYisD86jGaQQ5uIH8UMS2JAzNwFHXegmVmH3Ko-E2vSiOpTIp1tsxF7mHW_vfLFDVVN3pGndJV_NyAuaoLDjvdSFMV_Tk3_JnSItzruVKI9q2c-msN9Om7u3U0ThZC8u1bEbNf-X2uts-8cHnm6U-K8QUjsuojRUMpbE7zezHr7g_1dBpN6D740VBY4vYzvauH5z_hWehqM1alOn9T5-2aQ6BnU09POTv3X6J6qbwsxlS4n0GSZehYrbJYKixlnOjZIcF28lbt6Z4oRrO7GcL9c1g9qA9duRofDZUMMIWdRmUtTecL2BcsQk6mGzoBygYKgOyUC4D8wtuQA8J0Zro-A8NGtJuht81Luwm6sNXT8dWkGxfVX4pRlfqNYsnmzNuhq5MPpvyJ4cujrMb1Go--ShgBFNKznrLpgotrU8r1saFl-RWuoCUQXH3K3tKb_F1N-2YtTpWTcRnNfqUdrNabbBwkvvuxquUL1V6H-yEIdEv6SClaZK-x8_SlWL08lBlPCdRG_3Tl0KcwYkqalCcCq4MFG_Gh67cQiaiZDivfOiaQNX1Fj6PBGQw58BveflwkGrcsZUgUMt2kcBnx-qJHRP-OhOL2LaANJsvAXqCIQ4SkgR8OtvmkkiPgVOqD41OYMCw1iaGyjVZRemIzd_MoAuXBnSlQ3KgHmvszJx0azW4vJo2c4N5lXlqW01VcxHal6iVzU1lpp8r_1HhSFdjwIn8dLLpRH74hYwsr61g1zhxfZ2Yd6Vbnd1ItgBG_RymT654MXk6P1tSw-jZegf35mk8gaWmGZfCusn4lAcGGqnbTgFX3oHKHkYPDhubv_rxdFcBZc-lDYIeclDRh-yN3Vxeq36CrAT4KwWsmAs3XGuVr-eiRac1Oav5bA_9pDL5IwOk0yTAofOt2upurHtvKeONKrg-6S6WDZ1DNOb-K7uL7vsuJGfyoJP9pA3SKodAE2yonEMDG7UEXZNKqOyHAG6Rcd4dwzKtT4n38P2PFCxkrzr-TFYKyytUGvUi3h9xB0VjrKWWAo4suE6ge9kwemUGeXfuv0Iiw5bJGcATbx8fYeFr9zV-RSUPdxkeot9Lq2qrNEpONVKccB2YvHgJL_RNBJTFkNBhRYzKJE_z5jzjrNmZElE3g_f06kQNpCSYWv5OFkbqmgiSlvHTczXNz1XhDxAD8m_QU6PK8IR9Iva1Iq_fYFAo_Ur114eCE5a8si4GcnWIMqHyWXYXK4SgptsWZeAfA_1KHuAIEV-JcfK8J4qsK6tuHtXNvIPkxLrZTjGns0bjyeTXvBY68Es7blbZ88LSZHwwCXCK4kNlLhynyfpV8I0sk90nuW69ODvZOhteFoKhAH4LLqz5cki1z3kVbrYjeuGipUXN6sLiflXjaNBtI_HuwLSSgUHppo7f6NlSKIFGs-WNSKtVdJXWMGZmbx0ULiqV80fShRHJbABMtaizSaSYAsCplxInQVK7AzD_mn3aHMZFiHrtDZRc7wAn-VzuFO8Y1BFp1ueP4VcSxHVYWSYIJN5Li7p19oT6QXwKTmNqWba_1vM374q_6KJ0tx9jvd0gFZlMkgRza-uGLa13tmNTdkAhK4gUWtcwGsGzhSBEOXEwbJX70jwtq-R8jMOnkDLbEbEGcJAW-Lfxr3NMOLdjPkunLtZwxLYVVnc7Vhy8ROmh_het-vRpcI0BcXASyi1VJP2gM-E_IFipJM64tlI6I-6xUjOFfDW9WN5BE0GxR5SBm0_lzspDISTuJybZi5iTpE295Lc2w4iVEGZjUh3si1sOyYnOKXrIBaRSABu2lpt8e1sTjCqFcdMixL4R6L0GFPIzvJ0fJC2MF1Nsjcs-AqHPni4pne3qJ3tsebCr_r1whpvwuIPE4TtG-1rPbJoX9b7JjN88zDxTu87_G3vodAJAQjWptwWX2UlaTluByuY2Uih9w5aOR5g7GLOfjmbD8OnNbyUSYPp1ooV4gL30qTskyrHtme5_oVZ70nci6BuJAwL293-3nkZdOqFVZaieQjrAj_BaB60wc8OH6n9LIxOyW5jaE467V-gXuDpzTsCfF345j4lfLR-JeIXac4GIqS2o1t__tA08EV5VmINxmEuhZced2gY52Cykzr3VcQSJJXdPf-HeS4YftpiSBmh6LmU4z5dAVvka180j_nQXGKKXykHQMWvhv88dhtnN7H_AmEbOAlW3qYrJ7UjMRAzdFzF66UgLasiCopQq3Rvz4hZbsE38eQxnldFfokO-x64kUyfClwOo8W5_x1jEwye3Mx4R0mV_zT1_KpOw9LuX_VjvzDz_Ulvu244ZZ0BNTSjHTABylhAapZDCK_0shULWFnvZpA23UWsIukMxNW8ntPEnr75iRY5nGy5sLdG87Oin09J0PHfcOigMVcl1OpcPZUP1pXg59WZ03U5WC1E_SIPTB_YErmkbyTEoZ1QCF5aBCG0Jf3fEJoUDrFSzO3-Mc5EPQnI7tfNUGpvcjMKMHNIb93dlS42-E48P7cQPoeNV4hi5xpOunMUmH8dEcKIByxzZ9r0ch35nKUEn5xI5TUroZO2IL60N4mbloGIOKC27gElJqH0TYSAzajgCX6yb0EFhqVuu0r_9_LzTwBX435G30jFBuNNql-YHeCMRfxrn9JDis-oOdJFhGaAYyqxofIFOvCNXouHGUCtSHeWaJYgxEsNPLMzB44w4u3trcIq2Sgnk1noI3ipcddga-Uv03RkK9d24HWy1z71A7EQfSOZsSvFFzQLThZMU-asF_65eCSfkBLweLYsl-p-UYZvDeJy7dNhQT5ykWw6UeSHX6wPtI5RgJMJdAhf2SHLwTdfkOC&cid=CAQSTgDICaaNR_CMrSuW-C-0hsK2KRduxGkBI5FqNMlMQZk8xXfSHdVqhKXSfdbek4jl0iFrBW0e9nocyQnn0kKtoAyWslqcsKo2CqKHVONGTRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=11418607384701354000&adk=3047537734&idt=76&cac=0&dtd=23

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

872fda231cc1e19d13e55adda7e882830213b7bac4af4ab0d06d2ffe11dfb6bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13758
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 63C8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 659f5c7f6f5ef235f71ec603888c8158bb454e8594e8d0f7fda64e324b7facda

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 6F17 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce15be8943bb8658cb0a9eb2433aaea414e53aef4be3450984840871b895f4bd

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 329D 10 KB
10 KB 3ms
3ms Document
text/html 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 26
content-length: 9921
content-type: text/html
date: Sat, 09 Dec 2023 05:11:59 GMT
etag: "d9100a146ee339f43d0752ef9c998a0d"
last-modified: Tue, 17 Oct 2023 03:41:19 GMT
server: AmazonS3
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
x-amz-cf-id: 0EQFd414ygKmmK41ZumSXMKZCn54Kl82szfh0_ZDGaec2wmbhQnifw==
x-amz-cf-pop: NRT20-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache: Hit from cloudfront

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 50C0 11 KB
11 KB 3ms
3ms Script
application/javascript 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date: Sat, 09 Dec 2023 05:12:00 GMT
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 05:41:00 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 23
x-amz-server-side-encryption: AES256
etag: "f4a52d8d8c27ce73cc789edbfef51e62"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10828
x-amz-cf-id: nE8sVzLGOygTJPiYMYLmS19_VIRmfqpFUxXS3ctc2WN-6EdmJoaZXQ==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 283D 10 KB
10 KB 5ms
3ms Document
text/html 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 26
content-length: 9921
content-type: text/html
date: Sat, 09 Dec 2023 05:11:59 GMT
etag: "d9100a146ee339f43d0752ef9c998a0d"
last-modified: Tue, 17 Oct 2023 03:41:19 GMT
server: AmazonS3
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
x-amz-cf-id: 7EpskvHkef-RHCDHLTKwU-uPX1McwraaU_pxVEzhVRjApKclJy3rog==
x-amz-cf-pop: NRT20-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache: Hit from cloudfront

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 51C4 11 KB
11 KB 3ms
3ms Script
application/javascript 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date: Sat, 09 Dec 2023 05:12:00 GMT
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 05:41:00 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 23
x-amz-server-side-encryption: AES256
etag: "f4a52d8d8c27ce73cc789edbfef51e62"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10828
x-amz-cf-id: lBmQzSkkRszdngMsi6KKN-ENYKfCK4dmfEE__LD6swNx5MF5oG2MKQ==

GET
H2 200 rP2Hp2yn6lkG50LoCZOIHQ.woff2
fonts.gstatic.com/s/satisfy/v21/ Frame A23C 22 KB
22 KB 22ms
21ms Font
font/woff2 2404:6800:400a:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/satisfy/v21/rP2Hp2yn6lkG50LoCZOIHQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Satisfy:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:400a:805::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a02009d2f95d79b62b95c6de12d6614bdb36bffa6d4e756db81ec1c51c5acc34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 06:22:31 GMT
x-content-type-options: nosniff
age: 168591
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22652
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:43:35 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Dec 2024 06:22:31 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 52DB 0
0 54ms
54ms Image
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CmMiyNfdzZc_pHaOCid4Pv-SiiAya8-fUdJ2D8Kz5EZOt0fjeQRABINLMgRpgifPFhPQToAHr1YL4A8gBAakCBOnHVbehPT7gAgCoAwHIAwqqBL0CT9BR6yPctUPnzo8pOD0zGlNKRQFbvHa18kz1sCPukkLyFTdpxk60Sltz1lvRBp5OQovk12XKLdShxpz47uPqA0RkvwkDMz-ArVy_2roE7K0XECXR-8OCgqCNfBI7wfta3k1Hh_AS9AcpPB_g3rFYbBedYmkFyVwK7ugAvWLiFeg7GwvNS7II1wIxbWr-70tEd-Ns5UbagpAMgOR8zUHzooUjesxp9fF_Db1Fmn6-EnnITd9rnSwIapelK-o7unJl5zQVCknBOjf87CfqT6zKmibYnWKFzjqqTcKCkSX3oq5SSmtcl2GxZY5Hu8CJRgilJHwoatxhnds9y9nh895UTL_zbMJeJD112tOqBsGIfr6zaZ7naUBA9ThtOghPDi8ehlFRaIeiifsQL75rx65gW4IGdNwmgpfn1Z6Nb7fABMTxyNLWBOAEAYgFodvdp02SBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH_an9B6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEOC1BdIIHQiAYRABGB0yAooCOgKAQEi9_cE6WJPq7fbLgYMDmgl_aHR0cHM6Ly9scC5pdC10cmVuZC5qcC9tYXJrZXRpbmdfYXV0b21hdGlvbl90b29sX2NvbXBhcmlzb25fY2xhaW1fNDU4P3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj1yZXRhcmdldGluZ4AKA8gLAaIMFCoSChDktLEC7rWxArW4sQKsurEC2gwRCgsQsK-eyciO1cuAARICAQPiDRMIjK7u9suBgwMVI0HCBR0_sgjB2BMM0BUBmBYBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=ZFrPC2mITvQ&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgDICaaNR_CMrSuW-C-0hsK2KRduxGkBI5FqNMlMQZk8xXfSHdVqhKXSfdbek4jl0iFrBW0e9nocyQnn0kKtoAyWslqcsKo2CqKHVONGTRgB&template_id=5001&cbvp=2
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 3 KB
2 KB 335ms
177ms XHR
application/json 143.204.86.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1250&wid=7942&cb=1317.5027821856268&pid=5434&url=https%3A%2F%2Freurl.cc%2FgaOWLp
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-119.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: 8b9546dd9551a2cdffb537c9169438e9e4f69ed61f96b33ddd9ee37bcff38f19

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:22 GMT
content-encoding: gzip
via: 1.1 fd95d915cb5f672e4b8b3613a0dde9ea.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: NRT12-C2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: iytd9Fvdx6tHd_7ioZF3kYkcqYSdGEtOhuADdDyabl8bvm_Zzb-VnA==

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 996B 0
0 44ms
44ms Fetch
image/gif 142.250.198.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjssyFNWLwALRLk-CwUvyl67byq-nfGAauC0cJ0pBML-9B8BOSetmFfm9s92mUcrlpGh-kn8TrUc4g9JzMk7J_puJzOOfVcLAq8JNnpUamgIx1zs6CXWhIE-0laUfsWQ7nGsmh8A5mU9fXEuZZuR-2fj6_6p7HnU3j-RvVy-ylN2rCNehqHj8lpehUZXDJYACzsNXaXElI2uZp2aM7zvkD9mWeRrb0Bn08ASuhw_KcmaC54GRXB4-mAqyXRf9looQaNTTaJBsgQsjj-UbDw4QwpZmYvpOzYXa5eB3Jx7lKhyQ1JfvV2RY3CejRF4LQKcrIolzoM-DydboH2OadBtUdkQYMXwRf5KEQzG62jMqVppKYogffv_ZCagowD9XAg7m2yoL5xYbMN-CykoqYZIMKx3iXJeH4Vol_TxEufRAGTPKqms39DMESjlqlQ7x1QHSxUl_C_rYKX9sy8nnVMigrB1rTgO-P0Kf6UfivOncr60171qA6g8F49ivxCevyiYIKeVm1hHq-lkR5PJfewP8EHJfXSq3_kkV_H3y6tz2SAB44UV9VWFtbcDuzVBK-tblWry547sTZiDacCSctQLRslOe_wJB-pfh8pgRmesKMpHxU0RKcKtg3gQjK1_4nWfONYZNxPWkoAC2082OJBwtbvqyyxrLeNiw8EhwCSUMQsjjxCHDwO74tcLK9OksPnanHL5kLjPZxBgmpp-iwrx21FldSOSEgJCcfOPb0zDWRjQtbWmklmJD_FzsfvqtwcM-kijOkdFgZ_lUzM_fIp5MYGIv3Q7d9Y_Yl8c4OJWiJkuHvckk8CV00Sm3ZDZe1iHO5KH0A1fapNnI12PI37gfcURP9H85qH0kmlJUF4TLQebuP2ijkvcL-8gUfpvXFsYnfQGXRQGofO8okn1zT7d-XKzThu16fc3SLqQ-wfm9tz7b94N0g-7iW0mlpaLDwOrAyTjHz-Pn1hYBJUjh_2c5cI-O18ETL9gpcplIai63xN4ogLaaMtSm5J8638v269w2pytAx2w3MOUikmPjdJZvy7O8RF8hoSZr1QRRi7cCQjP6Ll4nt4vi4xFcqcS9KPk7-LvfNqWvnnw9FT7NJsqFkR_-NPUm_ZKVRgJNEfBTFl52SFwu_g9Ox9LlJp-vALgj7vPkXEz5mru0HbO5SIruLMgQbu493CJi99PCBTK1PL4u24Yo00cNJXbTM3JmXx7RKgWB84F3zI-JGpHTPVlhhe8TLoSfaaHJ7XuLdWn5bstbfkWwgddRiT8yrapSu62XNRAb_BWjbgEaSWW3fidft4YlO_AWZDkXcr-knqjlJhDkGF9EiKofyWd6fvPYB3LfS6XryPXAiXBTuVIpmTdFTWc&sai=AMfl-YQ2mhz5TSlmd-4D90q8aS6G83DMieGkwwrzzJUL4J_vilRQmxJ0s_ERzdM8zlDv_18DN4dBay7BuNgZ8AP1k2Ew50jsSOOFoPxmdtQ8Ywy_u567-dEndQGcZ5tuuNtLNWdtWIsyp4wZPkB39IlCTaC1VEY2KBTgmm1fNBRvRxvNHG4e_RsxdXDdbrib6vyMushtqfGkrGRIG_oqF1MbmZdtNQDu7Nrypkz9qs4T-ENHzhfsBGsoK1uNti9hidr9Z6y-ikPTXfepxF9rzbZC3OfiLfGlDHCJVrczb4YbI5SV0EZ4-n8CCntrmBaDT7V7U2p2_q2oZJIcjEYJYEayMj8BALfhxdiaQt_BN0i9d9EwxO5Yfb4D--vEbNr85SmtsypITCha1xLa6UBrDypoe_aAXUWrFE6h2o6SCiSWxfMr6qxapqLaKi-NGGpDCCz8fWSE7Ufgzia9GKHO65KUyss_s5CwjYqhE9Dr-pPQ-DFNj5szf5jnrMf2hGJNLUiYgLpsMA&sig=Cg0ArKJSzD3tXaTtbmEkEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jb2V1cmRhbGVuZS5vcmc&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=485&vt=11&dtpt=379&dett=3&cstd=104&cisv=r20231206.52277&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2513 41 KB
14 KB 2ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B6amncoHmewLMuD_TaEpoqLlvUcjwtXM6_csfp55T3pBhCKcrnD11LH85GRufAea-arhRPIVfYMDFnnJGq_baAmH4lyE08loVNpyMWkpgvtQr7hb6aXRVBykK6CB8wqrvhMfa3p6QGLjWBU1sTG554WlHAlUWLcKxuFOieEqgZF40odBA&cry=1&dbm_d=AKAmf-ASYvNwimesrzLm-Gz7aoAJ2CFJchtLd9Hn-vWbTVkeLAbV7deST8ekAfZUn0eIow5-bnq7QuGOcfwdpYUKjA1TwagPdr5MtIyjJRzFEJ5sBboRVCzuBGd3_Uw7pskwjk4Xe0_JtLg0fIEDjS40Eexmf5seqtU2M2SiVxAf34-qjrbGl_11Uk9j8flfDp7A82QgMG9y-FKJqv_jRKkOuofjeHY-onr70qrfeDIXAHbT3Y1HUlkihQfvVyU9EqVR_kB6POOry-FBR42Ras6WM8fin8cgNNRw9zNTSRXTjYDfAAIC0uNCuf25tCa55KLZ5fSUGJc1jWw7wMlOOEomDT7AKj4jAuwdZGI7cx7sF05VlRqmTkr-5LTWa_lnrLVB5I0JWuYi0t0Qi1RHep-ch0i4MXYLR5WDDxmR4HZ50gsyadNc6cPO7S26Ku0nRjKpvW5J1E2HCsRc03iUYY0jCgKf0QJ_kE2ovPcPDKvvexZNmxv8-px7yqOOBLr4bQAZDoM_SxPLG26xR0XomC5pKMOaGvx5uWy-YDUsct0vceJqotgATJRWmqHs40xjcQIHLJt2Uxq5EM7kQqq2WDegX9NHfLrvhhQ9i6sIZWSw2sOTDxtRaAkaFp6qdo5ldBQSgQ2FYvwtaE2vh24Rn_NeVE99NOm9a_lJZ_fLSZw3mpjPn9zaZSAFZ03aN6RCKyayJrIMEp_GGCJBx3Pt0m1xLBoRLIr5iOHxkOrhCF3-q1mTqvn0gSVc8xk-bVph3eOwhabqnwxl_OftLz1htDwkf71hbzVj2KN2D5NfmRRtJDsHnkZBOOG2-XICtN-Da_St_qMEmCIr1QtBKfknHprPLVzwOpkl9I7ACiwDlShC_4mrbenFKApAYzf1EHWqOHNErXSW0Herz0KNVSJtQ_I5EbKW_U3wqpQpCDKX_eg1GTSyol50Fxux4tDb-EdxkLHyA0eamA3xKDIN8mMood6h82kJlj4oJl5w5PipKPW7aIU3lQ6QMvVhFcVNAQ4SJS0xGZYZOPzd0c-1tsmL9f--eCKyfPrh-lH4eFy8wBNkWdgWbHQNo5iUYJis71cndPzctro4H-SsA1grTJlzgaip-awbzPAXZJMwR4dHWzgzuystjRH7iMcN3AMRefICUHEND2FA3SZW_w0Tso2_Q5jZ2h46W54NdxTdMIyabdM7JaWD7E0AlmzXTqoQW0leFWvpBM2mdqW8K7AihA_c_0Qk-VRV8Ex8QaVybEGnVGp4a4RBIJwupzaYtVMbP7IU5VNkJtM7X5BgZeYrpksXvlT3sypo1Kk9CShu8xCCRqrX00aZrdBSgDcQGUs4LCaR6E4jrj7UXfpvFaBfOVnFVqgybfLx1Yh9riHbLLgoyJ2XoKhiW9JlSBENvFn2BwYisD86jGaQQ5uIH8UMS2JAzNwFHXegmVmH3Ko-E2vSiOpTIp1tsxF7mHW_vfLFDVVN3pGndJV_NyAuaoLDjvdSFMV_Tk3_JnSItzruVKI9q2c-msN9Om7u3U0ThZC8u1bEbNf-X2uts-8cHnm6U-K8QUjsuojRUMpbE7zezHr7g_1dBpN6D740VBY4vYzvauH5z_hWehqM1alOn9T5-2aQ6BnU09POTv3X6J6qbwsxlS4n0GSZehYrbJYKixlnOjZIcF28lbt6Z4oRrO7GcL9c1g9qA9duRofDZUMMIWdRmUtTecL2BcsQk6mGzoBygYKgOyUC4D8wtuQA8J0Zro-A8NGtJuht81Luwm6sNXT8dWkGxfVX4pRlfqNYsnmzNuhq5MPpvyJ4cujrMb1Go--ShgBFNKznrLpgotrU8r1saFl-RWuoCUQXH3K3tKb_F1N-2YtTpWTcRnNfqUdrNabbBwkvvuxquUL1V6H-yEIdEv6SClaZK-x8_SlWL08lBlPCdRG_3Tl0KcwYkqalCcCq4MFG_Gh67cQiaiZDivfOiaQNX1Fj6PBGQw58BveflwkGrcsZUgUMt2kcBnx-qJHRP-OhOL2LaANJsvAXqCIQ4SkgR8OtvmkkiPgVOqD41OYMCw1iaGyjVZRemIzd_MoAuXBnSlQ3KgHmvszJx0azW4vJo2c4N5lXlqW01VcxHal6iVzU1lpp8r_1HhSFdjwIn8dLLpRH74hYwsr61g1zhxfZ2Yd6Vbnd1ItgBG_RymT654MXk6P1tSw-jZegf35mk8gaWmGZfCusn4lAcGGqnbTgFX3oHKHkYPDhubv_rxdFcBZc-lDYIeclDRh-yN3Vxeq36CrAT4KwWsmAs3XGuVr-eiRac1Oav5bA_9pDL5IwOk0yTAofOt2upurHtvKeONKrg-6S6WDZ1DNOb-K7uL7vsuJGfyoJP9pA3SKodAE2yonEMDG7UEXZNKqOyHAG6Rcd4dwzKtT4n38P2PFCxkrzr-TFYKyytUGvUi3h9xB0VjrKWWAo4suE6ge9kwemUGeXfuv0Iiw5bJGcATbx8fYeFr9zV-RSUPdxkeot9Lq2qrNEpONVKccB2YvHgJL_RNBJTFkNBhRYzKJE_z5jzjrNmZElE3g_f06kQNpCSYWv5OFkbqmgiSlvHTczXNz1XhDxAD8m_QU6PK8IR9Iva1Iq_fYFAo_Ur114eCE5a8si4GcnWIMqHyWXYXK4SgptsWZeAfA_1KHuAIEV-JcfK8J4qsK6tuHtXNvIPkxLrZTjGns0bjyeTXvBY68Es7blbZ88LSZHwwCXCK4kNlLhynyfpV8I0sk90nuW69ODvZOhteFoKhAH4LLqz5cki1z3kVbrYjeuGipUXN6sLiflXjaNBtI_HuwLSSgUHppo7f6NlSKIFGs-WNSKtVdJXWMGZmbx0ULiqV80fShRHJbABMtaizSaSYAsCplxInQVK7AzD_mn3aHMZFiHrtDZRc7wAn-VzuFO8Y1BFp1ueP4VcSxHVYWSYIJN5Li7p19oT6QXwKTmNqWba_1vM374q_6KJ0tx9jvd0gFZlMkgRza-uGLa13tmNTdkAhK4gUWtcwGsGzhSBEOXEwbJX70jwtq-R8jMOnkDLbEbEGcJAW-Lfxr3NMOLdjPkunLtZwxLYVVnc7Vhy8ROmh_het-vRpcI0BcXASyi1VJP2gM-E_IFipJM64tlI6I-6xUjOFfDW9WN5BE0GxR5SBm0_lzspDISTuJybZi5iTpE295Lc2w4iVEGZjUh3si1sOyYnOKXrIBaRSABu2lpt8e1sTjCqFcdMixL4R6L0GFPIzvJ0fJC2MF1Nsjcs-AqHPni4pne3qJ3tsebCr_r1whpvwuIPE4TtG-1rPbJoX9b7JjN88zDxTu87_G3vodAJAQjWptwWX2UlaTluByuY2Uih9w5aOR5g7GLOfjmbD8OnNbyUSYPp1ooV4gL30qTskyrHtme5_oVZ70nci6BuJAwL293-3nkZdOqFVZaieQjrAj_BaB60wc8OH6n9LIxOyW5jaE467V-gXuDpzTsCfF345j4lfLR-JeIXac4GIqS2o1t__tA08EV5VmINxmEuhZced2gY52Cykzr3VcQSJJXdPf-HeS4YftpiSBmh6LmU4z5dAVvka180j_nQXGKKXykHQMWvhv88dhtnN7H_AmEbOAlW3qYrJ7UjMRAzdFzF66UgLasiCopQq3Rvz4hZbsE38eQxnldFfokO-x64kUyfClwOo8W5_x1jEwye3Mx4R0mV_zT1_KpOw9LuX_VjvzDz_Ulvu244ZZ0BNTSjHTABylhAapZDCK_0shULWFnvZpA23UWsIukMxNW8ntPEnr75iRY5nGy5sLdG87Oin09J0PHfcOigMVcl1OpcPZUP1pXg59WZ03U5WC1E_SIPTB_YErmkbyTEoZ1QCF5aBCG0Jf3fEJoUDrFSzO3-Mc5EPQnI7tfNUGpvcjMKMHNIb93dlS42-E48P7cQPoeNV4hi5xpOunMUmH8dEcKIByxzZ9r0ch35nKUEn5xI5TUroZO2IL60N4mbloGIOKC27gElJqH0TYSAzajgCX6yb0EFhqVuu0r_9_LzTwBX435G30jFBuNNql-YHeCMRfxrn9JDis-oOdJFhGaAYyqxofIFOvCNXouHGUCtSHeWaJYgxEsNPLMzB44w4u3trcIq2Sgnk1noI3ipcddga-Uv03RkK9d24HWy1z71A7EQfSOZsSvFFzQLThZMU-asF_65eCSfkBLweLYsl-p-UYZvDeJy7dNhQT5ykWw6UeSHX6wPtI5RgJMJdAhf2SHLwTdfkOC&cid=CAQSTgDICaaNR_CMrSuW-C-0hsK2KRduxGkBI5FqNMlMQZk8xXfSHdVqhKXSfdbek4jl0iFrBW0e9nocyQnn0kKtoAyWslqcsKo2CqKHVONGTRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=11418607384701354000&adk=3047537734&idt=76&cac=0&dtd=23

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 14:48:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 311037
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 14:48:25 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjA5ODc0MjM0NDM4NAogIHNlcnZlcl9pcDogODUzODA3ODcKICBwcm9jZXNzX2lkOiAyODY5MjI2MTIwCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIK...
ad.doubleclick.net/ddm/activity/ Frame 2513 0
588 B 41ms
40ms Image
image/png 142.250.198.6
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjA5ODc0MjM0NDM4NAogIHNlcnZlcl9pcDogODUzODA3ODcKICBwcm9jZXNzX2lkOiAyODY5MjI2MTIwCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2Fkb2JlLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMDQxODEwNjkwMDk5MDg0NjE5MgpkZWJ1Z19rZXk6IDI3MDMzNDY2NzA4NzU3Mjg1MDYKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTEyLTA5IgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogOTIxMjI1MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM2NzE2ODY1MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNzQwMDg2MDc2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE5OTk2Mzc1NjExCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDg5OTg0MDA0CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2Fkb2JlLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2ZsYXNodGFsa2luZy5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9mcmFtZS5pbyIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com
URL: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xa625d7452d0e82a70000000000000000","13":"0x6fbb6c39ff2604d00000000000000000","14":"0x608697f9ed8c475d0000000000000000","15":"0x5f6697a150d14c170000000000000000"},"debug_key":"2703346670875728506","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"10418106900990846192"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
cm.lndata.com/ Frame 329D 35 B
470 B 689ms
67ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 09 Dec 2023 05:12:23 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame 7BCE 0
217 B 368ms
6ms Document
text/html 52.192.8.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.8.212 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-8-212.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 05:12:22 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame DD17 39 B
182 B 3226ms
3162ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 05:12:25 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 cm.js Show response
fcm2.holmesmind.com/ Frame 329D 409 B
631 B 148ms
5ms Script
application/javascript 52.192.40.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm2.holmesmind.com/cm.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.192.40.163 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-40-163.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 09 Dec 2023 05:12:22 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript; charset=utf-8

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 329D 5 KB
3 KB 296ms
73ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 09 Dec 2023 05:22:22 GMT

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 329D 0
217 B 370ms
8ms Image
text/html 52.192.8.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.8.212 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-8-212.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:22 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2

200

cm
c.holmesmind.com/ Frame 329D
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
497 B

176ms
147ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:22 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

date: Sat, 09 Dec 2023 05:12:22 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
content-type: text/html; charset=UTF-8
location: https://c.holmesmind.com/cm?tc=getIn&
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

google
m.holmesmind.com/ml/ Frame 329D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESELNFRenMrD7IpGk4Ed5zPO0&google_cver=1

0
467 B

73ms
14ms

Image
image/png

35.227.249.156
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESELNFRenMrD7IpGk4Ed5zPO0&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:22 GMT
x-guploader-uploadid: ABPtcPpLx0AvdnwgF9-_kma-j3JOZ0g5wlI8b6epyQ7ZDTwYPNYuoWNVJfHSRNeYPZmZWIEkTbKwr5q1PX5X5q0O7iMb-g
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Sat, 09 Dec 2023 06:12:22 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESELNFRenMrD7IpGk4Ed5zPO0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame F155
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=vj2mB3xMTXhKTURMZUpxRlNCTG4ybThlUTlDcFJ3TmdNZ2lmNkFPZmZoUTBVS0p0dnBsRDVLS0RtRUdza0VpeHAyc0UxejdsVVV1djlGTXdMaWFTQVJ0RDRGQkpkU1dpdFpQMUVUZEw0cE9HU1JDSlNXc3V3OEdpVXE1eW...

441 B
674 B

463ms
147ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=vj2mB3xMTXhKTURMZUpxRlNCTG4ybThlUTlDcFJ3TmdNZ2lmNkFPZmZoUTBVS0p0dnBsRDVLS0RtRUdza0VpeHAyc0UxejdsVVV1djlGTXdMaWFTQVJ0RDRGQkpkU1dpdFpQMUVUZEw0cE9HU1JDSlNXc3V3OEdpVXE1eWx0R0djQ3dqVmpmNzgzbS9LRHRzZ2JSQk9NWHZSZ241OUZLS3FoRmM5N2N5U1diTkNFS0VVK0s0ZU5nQUNtNm1RbzNncXVNN1JUYTdrcGpwbU5ZNnVBK0ZMdzFNZW5EZzhiZ0hwcC9SN1VTUXBDSGEybGxtQ0dINUJiN0tXVmVHc0VFd1NUcFRJQmNFWktNYjBocDRLQ2d2MjFEWEF6QT09fA&cppv=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

b5c2fddd74e1cb9d39d962a6911812d24b1c7fad50fe6ce901f32e9eebc4fa92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1003456
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=vj2mB3xMTXhKTURMZUpxRlNCTG4ybThlUTlDcFJ3TmdNZ2lmNkFPZmZoUTBVS0p0dnBsRDVLS0RtRUdza0VpeHAyc0UxejdsVVV1djlGTXdMaWFTQVJ0RDRGQkpkU1dpdFpQMUVUZEw0cE9HU1JDSlNXc3V3OEdpVXE1eWx0R0djQ3dqVmpmNzgzbS9LRHRzZ2JSQk9NWHZSZ241OUZLS3FoRmM5N2N5U1diTkNFS0VVK0s0ZU5nQUNtNm1RbzNncXVNN1JUYTdrcGpwbU5ZNnVBK0ZMdzFNZW5EZzhiZ0hwcC9SN1VTUXBDSGEybGxtQ0dINUJiN0tXVmVHc0VFd1NUcFRJQmNFWktNYjBocDRLQ2d2MjFEWEF6QT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 256343
content-length: 0
expires: 0

GET
H/1.1 200
OK /
cm.lndata.com/ Frame 283D 35 B
470 B 670ms
67ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 09 Dec 2023 05:12:23 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 283D 0
217 B 349ms
7ms Image
text/html 52.192.8.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.8.212 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-8-212.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:22 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2

200

cm
c.holmesmind.com/ Frame 283D
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
499 B

173ms
146ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

date: Sat, 09 Dec 2023 05:12:22 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
content-type: text/html; charset=UTF-8
location: https://c.holmesmind.com/cm?tc=getIn&
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame E006 0
218 B 344ms
4ms Document
text/html 52.192.8.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.192.8.212 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-8-212.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 05:12:22 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 502 cm.php Show response
fcm.holmesmind.com/ Frame FC66 332 B
408 B 6204ms
6163ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: /
Resource Hash: 8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 05:12:28 GMT
referrer-policy: no-referrer

GET
H2 200 cm.js Show response
fcm2.holmesmind.com/ Frame 283D 409 B
632 B 125ms
5ms Script
application/javascript 52.192.40.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm2.holmesmind.com/cm.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.192.40.163 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-40-163.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 09 Dec 2023 05:12:22 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript; charset=utf-8

GET
H2

200

google
m.holmesmind.com/ml/ Frame 283D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESELNFRenMrD7IpGk4Ed5zPO0&google_cver=1

0
143 B

29ms
18ms

Image
image/png

35.227.249.156
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESELNFRenMrD7IpGk4Ed5zPO0&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:22 GMT
x-guploader-uploadid: ABPtcPo9PINbt2i-K__j13eQ7q6h7u9N7J2vLRVc7pykHlC8hp--gFkfhALAOyPQjHu4fEZ_bdkE1l-xKLHMKtBpBQfNfyw6z3Zf
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Sat, 09 Dec 2023 06:12:22 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESELNFRenMrD7IpGk4Ed5zPO0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal124.js Show response
cdn.doubleverify.com/ Frame 2513 60 KB
20 KB 2ms
2ms Script
application/javascript 2600:140b:a800::17c3:5b8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115741&plc=4158900&sid=18330&dvregion=0&unit=300x250&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0iKpMXY_s0HjZLARYz3H_Hl&c1=3060631&auorder=1011537657&aulitem=19996375611&aucrtv=489984004&auxch=1&pltfrm=1&ausite=449233607217&turl=https://reurl.cc/gaOWLp&aubndl=&audeal=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:a800::17c3:5b8a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: b1567c9af517c0e55991081919f4dc2263f00b8deea21f3c94087737d2401fc2

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:12:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2023 07:41:53 GMT
Server: UploadServer
ETag: "36b6087525da09e8974d3f2aa1f7282d"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19649
Expires: Sun, 08 Dec 2024 05:12:22 GMT

GET
H2 200 Preset.js Show response
ad.holmesmind.com/adserver/ Frame 50C0 7 KB
1 KB 369ms
17ms Script
text/html 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/Preset.js?z=14209
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: cd1a1c2e4f6310a0fd024f0741f9adb892f52778f8091e55d1b0db68d8fc97f9

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 09 Dec 2023 05:12:22 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 js-md5.js Show response
cdn.holmesmind.com/js/ Frame 50C0 30 KB
30 KB 4ms
4ms Script
application/javascript 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/js-md5.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date: Sat, 09 Dec 2023 05:12:02 GMT
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:04:56 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 30
x-amz-server-side-encryption: AES256
etag: "ab3f6a2aedec7585237d5fb727bebcbb"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 30621
x-amz-cf-id: fobyAxLpzFN8eUuMe9fgrwoySQY5_YFM2dt7YWO_YKkzxhN6s_PTLQ==

GET
H2 200 Preset.js Show response
ad.holmesmind.com/adserver/ Frame 51C4 1 KB
673 B 357ms
8ms Script
text/html 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 09 Dec 2023 05:12:22 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 js-md5.js Show response
cdn.holmesmind.com/js/ Frame 51C4 30 KB
30 KB 3ms
3ms Script
application/javascript 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/js-md5.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date: Sat, 09 Dec 2023 05:12:02 GMT
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:04:56 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 30
x-amz-server-side-encryption: AES256
etag: "ab3f6a2aedec7585237d5fb727bebcbb"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 30621
x-amz-cf-id: uzCMQwYkAPfX7AtIyK1h4uZnkoOgoyu6AvQ6b1MyNkFtNvcGa1XVIg==

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame F1D0 38 KB
13 KB 3ms
3ms Document
text/html 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 206867
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 19:44:35 GMT
expires: Thu, 05 Dec 2024 19:44:35 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cvb-logo-buttons-2_1.png
s0.2mdn.net/sadbundle/9141147538204256550/ Frame A23C 16 KB
16 KB 3ms
3ms Image
image/png 2404:6800:4004:825::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9141147538204256550/cvb-logo-buttons-2_1.png

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64d618ef0b6eca4c61f62c3ec46adfe81f7921505ac7c97c7bd2648364dc84e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://s0.2mdn.net/sadbundle/9141147538204256550/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 12:47:35 GMT
x-content-type-options: nosniff
age: 145487
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16403
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 15:51:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Dec 2024 12:47:35 GMT

GET
H3 200 cvb-green-1_1.jpg
s0.2mdn.net/sadbundle/9141147538204256550/ Frame A23C 16 KB
16 KB 5ms
4ms Image
image/jpeg 2404:6800:4004:825::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9141147538204256550/cvb-green-1_1.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6b9ff96d825db385f78d8dc081ba4f04f9479f081709ce7cc375a56e5ee7bfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://s0.2mdn.net/sadbundle/9141147538204256550/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 12:47:35 GMT
x-content-type-options: nosniff
age: 145487
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16360
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 15:51:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Dec 2024 12:47:35 GMT

GET
H3 200 cvb-cda-resort-spa_1.jpg
s0.2mdn.net/sadbundle/9141147538204256550/ Frame A23C 11 KB
12 KB 8ms
7ms Image
image/jpeg 2404:6800:4004:825::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9141147538204256550/cvb-cda-resort-spa_1.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b5130f592d67caa481f546160ff229324e58e0460a440b5d20e45442457c2bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://s0.2mdn.net/sadbundle/9141147538204256550/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 00:09:25 GMT
x-content-type-options: nosniff
age: 18177
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11772
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 15:51:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 08 Dec 2024 00:09:25 GMT

GET
H3 200 cvb-biking-1_1.jpg
s0.2mdn.net/sadbundle/9141147538204256550/ Frame A23C 23 KB
23 KB 7ms
6ms Image
image/jpeg 2404:6800:4004:825::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9141147538204256550/cvb-biking-1_1.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8efed1397a9c2e53aeb4c932ae10b06a530dfb865cf97036023073d16382181a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://s0.2mdn.net/sadbundle/9141147538204256550/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 12:47:35 GMT
x-content-type-options: nosniff
age: 145487
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23484
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 15:51:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Dec 2024 12:47:35 GMT

GET
H3 200 cvb-cda-resort-fall-cruise_1.jpg
s0.2mdn.net/sadbundle/9141147538204256550/ Frame A23C 24 KB
24 KB 6ms
5ms Image
image/jpeg 2404:6800:4004:825::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9141147538204256550/cvb-cda-resort-fall-cruise_1.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a0fffb4284a61e0f3313eae839b4c71d5eb0f43e823e2c6e4535a359fcd3ffd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://s0.2mdn.net/sadbundle/9141147538204256550/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 22:29:19 GMT
x-content-type-options: nosniff
age: 24183
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24229
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 15:51:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 22:29:19 GMT

GET
H3 200 cvb-silverwood-scarywood-1_1.jpg
s0.2mdn.net/sadbundle/9141147538204256550/ Frame A23C 21 KB
21 KB 10ms
9ms Image
image/jpeg 2404:6800:4004:825::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9141147538204256550/cvb-silverwood-scarywood-1_1.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcffa301fda0c6a4e8d01ff5206993d1201eebaf4da69a49269a9fd25973ca11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://s0.2mdn.net/sadbundle/9141147538204256550/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 12:47:35 GMT
x-content-type-options: nosniff
age: 145487
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21955
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 15:51:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Dec 2024 12:47:35 GMT

GET
H3 200 cvb-cda-resort-dusk_1.jpg
s0.2mdn.net/sadbundle/9141147538204256550/ Frame A23C 20 KB
20 KB 10ms
9ms Image
image/jpeg 2404:6800:4004:825::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9141147538204256550/cvb-cda-resort-dusk_1.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a7472d11dbdbadbe287b223ca55bfbd1d07ce0e74fce33e9c90ae82f2c75700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://s0.2mdn.net/sadbundle/9141147538204256550/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:50:53 GMT
x-content-type-options: nosniff
age: 30089
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20370
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 15:51:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 20:50:53 GMT

GET
H3 200 cvb-bg-2.jpg
s0.2mdn.net/sadbundle/9141147538204256550/ Frame A23C 7 KB
7 KB 9ms
8ms Image
image/jpeg 2404:6800:4004:825::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9141147538204256550/cvb-bg-2.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93947ec0e0c58af9b28bc07d173145d6d04804dfba3ad67a7c71c62a4fd8dc71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://s0.2mdn.net/sadbundle/9141147538204256550/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 12:47:35 GMT
x-content-type-options: nosniff
age: 145487
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6934
x-xss-protection: 0
last-modified: Thu, 30 Nov 2023 15:51:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 06 Dec 2024 12:47:35 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 2513 1 KB
928 B 878ms
87ms Script
text/javascript 34.149.43.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_925419556918&jsTagObjCallback=__tagObject_callback_925419556918&num=6&ctx=1828362&cmp=115741&plc=4158900&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=925419556918&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&brid=3&brver=120&bridua=3&dup=null&ppid=103&auevent=ABAjH0iKpMXY_s0HjZLARYz3H_Hl&aucrtv=489984004&auorder=1011537657&ausite=449233607217&auxch=1&aulitem=19996375611&pltfrm=1&aufilter1=3060631&autt=1&c1=3060631&turl=https://reurl.cc/gaOWLp&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&m1=13&noc=4&fcifrms=10&brh=3&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=171&eparams=DC4FC%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BAU2%3F4r92%3A%3Fl9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTauff5h7a43%60hcg%60b25c3f46f__db5ahbgf%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=12.20&aubndl=&audeal=&callbackName=__verify_callback_925419556918
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 80796e51ac4f447093486b9200c00e66b253bc593fac56574b069062ea260271

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 05:12:23 GMT
Content-Encoding: br
X-DV-Response: 1
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 12/08/2023 05:12:23

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame F1D0 39 KB
15 KB 4ms
4ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 04:30:49 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 283D 202 KB
53 KB 4ms
4ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Dec 2023 05:12:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: hSEkFKv8udCCjpuOp21DOfHtQxuSe195nKfXbcRUVPlooucwUREsT1nqG1tVl4gIrQ66c/hY/zQjo3kYyjOenw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 329D 202 KB
53 KB 5ms
4ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 09 Dec 2023 05:12:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: hSEkFKv8udCCjpuOp21DOfHtQxuSe195nKfXbcRUVPlooucwUREsT1nqG1tVl4gIrQ66c/hY/zQjo3kYyjOenw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5D9 0
20 B 44ms
44ms Image
image/gif 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BrPSPNfdzZc3pHaOCid4Pv-SiiAwAAAAAOAHgBAI&bg=!d3SldDvNAAY3kmNgF5I7ADQBe5WfOEVJUTF7g8OJtunuKDHFVx4M3eYzfo9LPb9ROTtjPcQ1GdhTjxQuMmW2M_-ssgS0AgAAALdSAAAAA2gBBwoAE-gdNQ9J7mdaodSwIw6sXiETq0mZAzTGjjUhYJwNmN3OMiy2BsPGed_JUs2ZZYyy_nuNbuaKeX71UG90YST0D9DAE0oSXPjS2XljSVyPWkjJaI4NpSdsUgTT694zU-XqjjEjXExKH16OHRn0EcyvLH0piyBd4PjHjOAEuq8kOF0dNuyY0Nq1TslNFeHJk-SKo5Kw2m2T3dr7TS1fge1tf29Ya9nwU5A44-yfOnEPjKcy_ZwWVoBL-bBsGIg_zgFvlW1AUwByVD56fj4uc8JCtwq1aTyyk64y00Gp43BABeTV4WbhRAD0LAQjZVHhNckWgHFO-MnvjHLVea98L7Ie-33JiXnzltmiZ1bhLskBaHrx_qcJbBRk_1QzGmlR8RjlfRUlZ6-NNfhlOPKMS0CDjXqqOAykEZC3BI_klPPP6Xx19xXOT6-5RtLEvQMMbxrPoHiARtEh4tfrB_d3vkm1Ids-6A87HMrcmR-Pc0lOl5d8vSdUFJrvbvWLyviPvfkePWSMtwcJu3gpBAHYDTfDpJDJR19Z4ziGX8oXQXwQL7yfhYJ_mRn8mEqN7FTVEhpapUE9HlwvyF2VVqGO2v6kyMd4YuDz3he8mHPfw-CZHqP73S6xfKgLPBwxVmxAhmaDv6d6hYRtP9IC5ml_iksIaQIGaj6IAfsj5dQTUcZa7Hx1EOjsaYsqTF1N1OOtxGGLslOL4CVG_4udQ7WgVZO7LTL_mJRRcISs2c2VdpAbp71U4ubaPWAVSSkW2Donx7b3Trs06O-TWqwtI_7T6ewfdfHp2A9dFiigf0WF5RkNsCwJp05KI6jSLfyl4PCZUcxEZUkjGEuM7S3JRqsqy4nwg0zTbLsvpcLX3ejVWhqZlhk36I7jrzmiSjVHquiuq9OOADaBgh1KVKlu6_KD4mjzEezZgaw-1_REsyNiaKGmnfbZbGc1lXd1CAGqM18f2hvzMwcHV01wUVzUvNVUkdOeDoW3IasBITPE6jNyHZ5yvCpeGfLnRZcZvEn6P7QDOy13ubbtj_lF6tfMMKqTxT0i65LAYuX3BpErF7jcyIqPf4gXeoWEDZOkDX4BMwTHkg30X3M8F0kI3qDYxJUrGG9l0QtoqrcMWmm1Q9p5

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F1D0 0
20 B 44ms
44ms Image
image/gif 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BHQ-3NvdzZcCCFbOd29gPiNWT2AoAAAAAOAHgBAI&bg=!OzilOHfNAAY3kmNgF5I7ADQBe5WfODBxN3HHEFoOt-mysQ5VSC1YZVSS2M4_KzTV2fSaHl6M_zefZIqd1uBibNNlltgEAgAAAF5SAAAAAmgBB5kDRNGrUccbSb7pqnwB-rEfDMR-pEYCd63oHSpwTlwlK7hUMFMwRGOZxt26Wr-Gz2dyyhEKG_l9tOOtndrJqQD76NX0g6C7u3axNPJAJ-IZNIi28iuXGJTa9mJdqP9smFWc5xP45elKA_CPFn6Bfd57k4abj92TmbMmr6rrfRsOShN3GL8_CK8zfyP4Yxv5u063PR1ze3Gcib6J8U0PLOO4ibSpdUupa_1zteeii4MPEry6DL9ZKD6U87O3gJ5gLn6BKE_Kmjgu4VHJiwFOeFOTU3XUzPuPoyQdvvPdPdZsOBWFzRtdG-GpZZmWhL37jwkJwf8X3uW8pMjVULGzs8Eclr2LwYDL_8C7DysHuDF8psoNeLPpR6WZ_7NR_tG45xYQwH9gwCCzX3F08kISnv95J0uvoTlPmg2AQ6iTaN8QOI5HnHJrPF6q4s7iKgawY-o_ZjJJcDHAWbltF073UrUnvOVJ3x36WtJMVyEc-iJpww8KT9A4B4D7KHc4MzaU8nMxj-ja0Be3xfanPixDr2SRALbR-X6auamNx0lk4M8ZnqV7T9qKi5kU4moSHkcK-nzzQBFkeoiiK_rGe1dndl4PMDo5yn3fo-Y3FFRMDIYc8FoVX55twf3-I0VhwZDNhagJ-AjhgpMhwzkbgI141DPEVPUHwsK5HmlG2e_0ayxVxLX_YvZ1_DEILOXnV9IXEpCq6_oIWjobFIh99zjJ333ib5el1IsaIyaGXXz_hRlkMJtksrWii6sOtDxOj2Hrcd-f_NezW_-9_q6v5p5nxM7ESNK8mnuTAjQ5JqL7ZFk4bvUmF7WvC78s2Dm7Zx6rFuP2A4-fmRjkkQccpWBKNRFK09FIAkACnVpfuq8Ze1BVxZUTjOKMeNMeWOhFcQcz1mFVwRa00o4hskwGTItsEwQmAdZyYI_xqWRfecQlYkblOD8lVp6hlQwn1KdIb9V9vGZbjbbJ2wjHxO31lB73QvC6H15ut55YTMB23kV4OsNqp_v9j4ZuMA2Aen_lnOr7wKepvTAR8JeJWlnoRRLqgIZkfitewm0AGfyOdrUmROGM85opvStA7WBrsFd9dPBjkbHzgPCqysDfWE8MJ6c_A3KJu5y4tovA

Requested by

Host: 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com
URL: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 329D 37 B
408 B 76ms
76ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

5f095afc96e2fdd1c26cdc04a3b430313cf4457db972ad53dc16d2e139f93d78

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 float.js Show response
s.trvdp.com/scripts/v5.832/ 469 KB
139 KB 158ms
3ms Script
application/javascript 13.32.50.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.832/float.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.50.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-50-91.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 08:09:30 GMT
content-encoding: gzip
via: 1.1 25caeecf79d1babf9c1aeb8ae41d4e36.cloudfront.net (CloudFront)
last-modified: Sun, 15 Oct 2023 15:13:28 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-C1
age: 1458173
etag: W/"ae8e71eddcd185d49d5b9a8ef8a2ef6a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: oM0EzASt8AxSu12YdxwN0WAMYhtmcLoGmSg430Nzt-WRlNbtH6Y5RQ==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 51C4 3 KB
1 KB 75ms
43ms Script
text/html 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=251&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=6206-Pidjxb94YRnodknpn9Ywi51ThnP5E1Dk&fp_uuid=6206-f39d29b9e65fac900be8f2195079f5ae&initver=230627P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e62a1fa8d2ea4113423f3ae57d33405624a21fcf0adbf49d7a5c5687b8a35eca

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 09 Dec 2023 05:12:22 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 51C4 3 KB
3 KB 20ms
0ms Script
application/javascript 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date: Sat, 09 Dec 2023 05:12:05 GMT
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 03:28:50 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 25
x-amz-server-side-encryption: AES256
etag: "519bf06eca29382b4ee4cc4f1dace214"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2905
x-amz-cf-id: dxqSpPHqE__qiABQSsMNsxaou5nOxU5c1L-R49cZDwZlCi4JvuZtng==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 51C4 131 KB
42 KB 215ms
184ms Script
text/javascript 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-20a3d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Dec 2023 05:12:22 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 51C4 3 KB
4 KB 19ms
0ms Script
application/javascript 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date: Sat, 09 Dec 2023 05:11:30 GMT
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 02:29:01 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 53
x-amz-server-side-encryption: AES256
etag: "13519f9e63c9828d93a698c47992e115"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3197
x-amz-cf-id: nLDuJHREThWSEJfwxMDb6cKWL0P2YK2bokWj7cUBajs5AuDoelidqA==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 51C4 3 KB
4 KB 20ms
0ms Script
application/javascript 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date: Sat, 09 Dec 2023 05:12:19 GMT
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:50:04 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 53
x-amz-server-side-encryption: AES256
etag: "41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3470
x-amz-cf-id: ba903tUcPw_1PtwVLeMDY04X5QJi1h5DJYmACgrUVzeb6Jz3AsZCWA==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 51C4 3 KB
4 KB 21ms
0ms Script
application/javascript 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b73e1847c6fb498059a5dd1f43b785c41f1e3f7390eace0c963e68d9a627e0e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: vx758Mn4TxvAFYWIa_VgUv909JqZwBmr
date: Sat, 09 Dec 2023 05:12:13 GMT
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 05:30:47 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 28
x-amz-server-side-encryption: AES256
etag: "a63d91ae98de3f6d3d1ec4ebd2b3bab9"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3349
x-amz-cf-id: VXgWsySM6ucmxWzWuLXilDgH_ksutgo6pNyRSfukBPW35WS60bG-qA==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 51C4 5 KB
6 KB 21ms
0ms Script
application/javascript 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date: Sat, 09 Dec 2023 05:12:05 GMT
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:15:25 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 56
x-amz-server-side-encryption: AES256
etag: "ec9ddd169f5fd01f28f9b31866cd4701"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5467
x-amz-cf-id: S8OMqXDRY-SI8XlAx9MGQYH52gJ8snxI40M53ByzePMe92IeJjp_2Q==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 50C0 2 KB
1 KB 65ms
54ms Script
text/html 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=189&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=6206-Pidjxb94YRnodknpn9Ywi51ThnP5E1Dk&fp_uuid=6206-f39d29b9e65fac900be8f2195079f5ae&initver=230627P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7c1968557b57ed2978e4d16a9383aa01a31b0b6e1d4bfa4ff56520d3c4583fc2

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 09 Dec 2023 05:12:22 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 50C0 3 KB
4 KB 14ms
3ms Script
application/javascript 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6b73e1847c6fb498059a5dd1f43b785c41f1e3f7390eace0c963e68d9a627e0e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: vx758Mn4TxvAFYWIa_VgUv909JqZwBmr
date: Sat, 09 Dec 2023 05:12:13 GMT
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 05:30:47 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 28
x-amz-server-side-encryption: AES256
etag: "a63d91ae98de3f6d3d1ec4ebd2b3bab9"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3349
x-amz-cf-id: KMDzIDtoTLWwf-aEyJfFmMX8rLFLkmNz9bLbFzIcHbmgXjrtDCCl0A==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 50C0 5 KB
6 KB 15ms
5ms Script
application/javascript 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date: Sat, 09 Dec 2023 05:12:05 GMT
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:15:25 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 56
x-amz-server-side-encryption: AES256
etag: "ec9ddd169f5fd01f28f9b31866cd4701"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5467
x-amz-cf-id: KrzZFnrwZm6WXx8ZBjm0fYNaJmkmZ3aOALQ4oeW7uh9vQ4-6uy_0yA==

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 51C4 0
171 B 275ms
70ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 09 Dec 2023 05:12:23 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 51C4 2 KB
2 KB 283ms
81ms XHR
text/plain 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.1439189397896643
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-34.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: 14609189a75f7791fd1edbd2a237967550154a1d5560ecba4620ae406930e405

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://reurl.cc
Date: Sat, 09 Dec 2023 05:12:22 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel
Transfer-Encoding: chunked

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 51C4
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=sd7ZmhTjA0OkoScyN_dzZQ

2 B
159 B

39ms
37ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=sd7ZmhTjA0OkoScyN_dzZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 09 Dec 2023 05:12:23 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=sd7ZmhTjA0OkoScyN_dzZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 51C4
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=ka1gIUdSA2yohF6dN_dzZQ

2 B
130 B

132ms
131ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=ka1gIUdSA2yohF6dN_dzZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 09 Dec 2023 05:12:23 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=ka1gIUdSA2yohF6dN_dzZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 50C0
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=5AUmHs2PCt6-lfBKN_dzZQ

2 B
130 B

136ms
136ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=5AUmHs2PCt6-lfBKN_dzZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 09 Dec 2023 05:12:23 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=5AUmHs2PCt6-lfBKN_dzZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 50C0
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=vlHLC-yhB2mz4gmEN_dzZQ

2 B
131 B

139ms
138ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=vlHLC-yhB2mz4gmEN_dzZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 09 Dec 2023 05:12:23 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=vlHLC-yhB2mz4gmEN_dzZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 50C0
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=ddLKtWelDZKTOeiuN_dzZQ

2 B
130 B

138ms
137ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=ddLKtWelDZKTOeiuN_dzZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 09 Dec 2023 05:12:23 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=ddLKtWelDZKTOeiuN_dzZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 50C0
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=1cRitdzJADmTaJm6N_dzZQ

2 B
130 B

46ms
45ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=1cRitdzJADmTaJm6N_dzZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 09 Dec 2023 05:12:23 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=1cRitdzJADmTaJm6N_dzZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 51C4 13 KB
13 KB 5ms
5ms Script
application/javascript 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=251&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=6206-Pidjxb94YRnodknpn9Ywi51ThnP5E1Dk&fp_uuid=6206-f39d29b9e65fac900be8f2195079f5ae&initver=230627P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date: Sat, 09 Dec 2023 05:12:14 GMT
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:54:55 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 28
x-amz-server-side-encryption: AES256
etag: "dcf480340ca4b65dc9aa76bd9e677036"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 13033
x-amz-cf-id: 9_ntzV0efxnZFJI8JeQ3tZfWF9fcB9vZ9lUbLf7VXup-nbojwTvNyQ==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 50C0 13 KB
13 KB 4ms
3ms Script
application/javascript 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14209&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=189&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=6206-Pidjxb94YRnodknpn9Ywi51ThnP5E1Dk&fp_uuid=6206-f39d29b9e65fac900be8f2195079f5ae&initver=230627P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date: Sat, 09 Dec 2023 05:12:14 GMT
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:54:55 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 28
x-amz-server-side-encryption: AES256
etag: "dcf480340ca4b65dc9aa76bd9e677036"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 13033
x-amz-cf-id: K0etPT8J52x4RV37DkxLLJqiuz-Yaja6cIpd2mksLKZzQCiQVN_mZg==

GET
H/1.1 200
OK cors Show response
rt.ad-score.com/score/ 52 B
595 B 913ms
207ms XHR
text/plain 35.208.216.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=reurl.cc&l1=7942&l2=reurl.cc&l3=JP&l4=desktop&l5=5.832&cb=0.3155626688905109
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 35.208.216.174 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 174.216.208.35.bc.googleusercontent.com
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 05:12:23 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://reurl.cc
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 52

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 51C4 5 KB
3 KB 76ms
75ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 09 Dec 2023 05:22:23 GMT

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 50C0 5 KB
3 KB 74ms
73ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 09 Dec 2023 05:22:23 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 51C4 36 B
400 B 76ms
75ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

2c625a630d0cfe255e160360e835417812146c29256ec0d40514afbcc686eadd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 50C0 36 B
400 B 75ms
75ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

2c625a630d0cfe255e160360e835417812146c29256ec0d40514afbcc686eadd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 51C4 0
187 B 437ms
149ms XHR
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=145&profileId=184&bundle=1pBJzl96Rm5Zako2b1F4R0F1JTJGWHBGdjBISEUlMkJPcThEU2x6NVFGWTltYWhoZUpORkZSamo3Q0RLR1J2JTJCcVdxT0VEaSUyRncyUldVcyUyQnhDeG51T0F3aEhydm9nU21yampvTzJMaTZCSGMlMkZVTkczb3ViRlh6QW1XZlJCeFlFWHhGTERqY1N1TkpseEtjdFJqcEZrZ0VDYnRDcEwzZGclM0QlM0Q&cb=50792200351

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 09 Dec 2023 05:12:23 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 51C4 30 B
271 B 76ms
76ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=398283da-0402-4d2d-a0c2-18aee9437979

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B619 42 B
64 B 83ms
45ms Fetch
image/gif 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCr6zxEH3zmNkVAhnCeTrxWrOAqmWcrkftRpVf0U5DvjSZHGUcSRSFYBvmV1wydmwq-xwQ7MLqjTXFCm015OStOZ8laLAvmZu4sL43GBO4b4WqTLFOULut8T_CvzQFL7dMoin-1G7_gg&sai=AMfl-YTWRhqMrmzA-fkj0wSoOAl4na6aGjjbPgFdYiYFFJcGelytK7Q&sig=Cg0ArKJSzMeZIAmTY7_OEAE&id=lidar2&mcvt=1000&p=1180,1599,1181,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1.06&vu=1&app=0&itpl=19&adk=3261691140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702098741839&rpt=422&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 996B 42 B
64 B 80ms
44ms Fetch
image/gif 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiNY8kJi5i2tuv5l5CjGj0NAygyG8ZttnOJXRNroCZBltfqYIgZVpau4zKk0DxsgUZQoiWJT2qupVwGVWcGVZvl2wjFbbqFQqNDzRyVlr8bo7t64ZkLQT2ZuFIlhUH&sai=AMfl-YSftnoG14q5hqUNG_6LlK9pUpIvryxoq_ZGhridTE4kIoh3DZK31ixQLB7kDgpLRc6cEg5sgTqmADnk5uK_7wAHD5EXS3gZoUVeogb0c513sMrqwka-tUELgxM7kdZWh2EjWiezdGuHWvTrGV0nyJGGD6uZs66GhGI&sig=Cg0ArKJSzEa-oUdy9MsEEAE&cid=CAQSTgDICaaNR_CMrSuW-C-0hsK2KRduxGkBI5FqNMlMQZk8xXfSHdVqhKXSfdbek4jl0iFrBW0e9nocyQnn0kKtoAyWslqcsKo2CqKHVONGTRgB&id=lidar2&mcvt=1002&p=505,315,595,1285&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=81851380&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702098741957&rpt=236&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Live_Streaming.js Show response
cdn.holmesmind.com/js/modle/ Frame 51C4 40 KB
40 KB 4ms
4ms Script
application/javascript 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c73f2b03af16458ad905f45a098d8861ec7b0a2480387a59195b4465aca25d02

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: X_aLocCqsmqPAx2U1E3_4JQDn3OISwiD
date: Sat, 09 Dec 2023 05:12:23 GMT
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified: Fri, 25 Aug 2023 06:48:46 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 26
x-amz-server-side-encryption: AES256
etag: "d51f4efc881ddc4b5200ee509878d138"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 40584
x-amz-cf-id: KGG4zZF3dFc-r_phISkasmwScKqUCNtfe4AiSQxAMZX6JR54oHYdNg==

GET
H2 200 cf.png
cdn.holmesmind.com/ Frame 51C4 2 KB
3 KB 6ms
5ms Image
image/png 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/cf.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bca7ee31fc622c935a1ba3d3d012111f3aab926dc898ed011513fc7a9145f90e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: JXDsYp0MpCsC07xlgs6M6Edv23lP_HUM
date: Fri, 08 Dec 2023 18:58:45 GMT
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified: Mon, 19 Jun 2023 03:09:39 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 36818
x-amz-server-side-encryption: AES256
etag: "7cb0cc414e01c6f48a9eefee02d81959"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2399
x-amz-cf-id: wM0UyOeqf8qTN_LaotR-dJfPtnDKKmn1IbYs5rK8HcFeSILXXooWTA==

GET
H2 200 ccf5c33937c6404c55f8f9e56471643d.jpg
cdn.holmesmind.com/image/23016/ Frame FA0B 48 KB
48 KB 4ms
3ms Image
image/jpeg 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/image/23016/ccf5c33937c6404c55f8f9e56471643d.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6705d4595d0844226acbb101be72d22aca7f22ec5a1ac31dde5d86683813156

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 02:52:06 GMT
x-amz-version-id: f1nZjlaUWSw37dRRcaDK6lB6eFZ0RQ4M
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified: Fri, 08 Dec 2023 09:24:12 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 8418
etag: "cf48e46421372da7a8f8619748298039"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 49016
x-amz-cf-id: 8atV3WGJZHWPymyh3NqKYHsKHFEOz4AAloiXTH80E8gxwpJ8o6XU0g==

GET
H2 200 ade-tracker.js Show response
cdn.holmesmind.com/js/modle/ade/ Frame FA0B 2 KB
2 KB 5ms
5ms Script
application/javascript 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/ade/ade-tracker.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: e6irG_P5F2jdCF9fNky2jWkkhxNctdGx
date: Sat, 09 Dec 2023 05:12:23 GMT
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jul 2023 03:26:15 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 27
x-amz-server-side-encryption: AES256
etag: "cc88de770769cdecaa524a5801120c78"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1646
x-amz-cf-id: JennnVud0pW2vk8C7hfrmsI4q-vVkumVEfTVGLkEifo_K_k2ZQ3SSw==

GET
H2 200 v_sdk.js Show response
cdn.holmesmind.com/js/modle/v/ Frame FA0B 192 B
592 B 6ms
5ms Script
application/javascript 2600:9000:20e4:8a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/v/v_sdk.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e4:8a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7490c495bc701b5f3c822f76f18d9f9842e4c3578b4c8e74937ce49a1ca75546

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

x-amz-version-id: wsgDAt6n73AfbveX4G1Vz0rAUst7spYk
date: Sat, 09 Dec 2023 05:12:23 GMT
via: 1.1 6bdff89d7edf793d60fc3af5190198de.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jul 2023 03:26:17 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 21
x-amz-server-side-encryption: AES256
etag: "8644272abfaa44219b2ed3d118b43dbc"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 192
x-amz-cf-id: chs6XbAhPm0sKGAkFfv8f1MUb3Wub0wh9JzDYWVJ7CVqB_QbUKy7Cw==

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame FA0B 3 KB
2 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d1420ef7b723f0ded8722960592fc4f76bbbec40cc3aba007bdb8b08794bd31e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 05:12:23 GMT
content-md5: ikDI54atlf4ZNNBoBQ9S/w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints
x-fb-debug: P0OBoBxFsxovo6f7h94EaCY8gTEjzN8CzzI1P9afD5awIk2NGko/ptuXhZrAkjTpDsxIGZwAmcBHqK6bF02Cag==
x-fb-content-md5: 19d73fe5b1427e06bc74a895d154aa4b
cross-origin-opener-policy: same-origin-allow-popups
etag: "6c06e55b1a9e5fc47cd94a86064a4cbe"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 09 Dec 2023 05:18:47 GMT

GET
H2 200 i
ad.holmesmind.com/adserver/ Frame 51C4 0
77 B 7ms
7ms Image
image/png 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.holmesmind.com/adserver/i?ut=1702098742&p=14210:107182:202775:e004976bf18fbffe4ed374beb5e00cf2:23016
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-type: image/png
date: Sat, 09 Dec 2023 05:12:23 GMT
server: nginx/1.14.0 (Ubuntu)

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 329D 0
194 B 78ms
76ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=undefined&mp=398283da-0402-4d2d-a0c2-18aee9437979

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
398283da-0402-4d2d-a0c2-18aee9437979.t.ssp.hinet.net/ Frame 329D 0
79 B 198ms
73ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://398283da-0402-4d2d-a0c2-18aee9437979.t.ssp.hinet.net/pixel?bd=398283da-0402-4d2d-a0c2-18aee9437979&t=cf&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ Frame FA0B 302 KB
86 KB 4ms
3ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b6a6555d0eeef049ca32d1870d6acb9d

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f6d4b8c60079c67c97308fd49f186c5a7b61510b90ede28f7711ba1b3b1c56c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://reurl.cc/gaOWLp
Origin: https://reurl.cc
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 05:12:23 GMT
content-md5: eehZJO6hpypVcGbsW6BC3A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88321
reporting-endpoints
x-fb-debug: 1FLH8C4CEfViyV4mJz3dqYRz+jfx5p1uO1AuInZ6Bpk9lVuZPKG9WkbaBQ8eXYOt1GjnH1jh0+oGP8z5u7cO0g==
x-fb-content-md5: be71fe895cfeaeaf67f449388392a579
cross-origin-opener-policy: same-origin-allow-popups
etag: "019af0106e03298130eb1fe22708c832"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sun, 08 Dec 2024 03:57:45 GMT

GET
H3 200 video.php Show response
www.facebook.com/v3.2/plugins/ Frame A5B7 168 KB
42 KB 383ms
382ms Document
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df84c4bac08f08c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff3cf7d59573fa3c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Flittleroom9488%2Fvideos%2F892048002234656%2F&locale=en_US&sdk=joey&show_text=false&width=280

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=b6a6555d0eeef049ca32d1870d6acb9d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b851f1055df85d2a249f3cb48f1fa9e520ad9b59e88061b88884b66d78b2dca1

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 05:12:23 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma: no-cache
priority: u=0,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: uxiQBfExh9y5GQyivTGPvNhxjuI2GFo7/T7BxdNtsveFhjdC4q2PZaKL5sQWj4chhJ+l5etDx8ip1cxDrBFrxw==
x-xss-protection: 0

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 2513 18 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:27:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Sat, 09 Dec 2023 05:27:53 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 52DB 42 B
64 B 44ms
43ms Image
image/gif 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuHK6ZIf1t5sP0mfDi4nnBAi0W8gf3GYFWiQ3VLzmvpWIRCx-UfaQ6R3pe2MZ-RwH3KXXOZJHPB3q_CC7VrOs0gicWvU37rGJa-HfNU3TtcJoj4PYcHlz2Mjeo_2fB5BV5FjaVWABFGeQ&sai=AMfl-YR8phi72s1jnIdmuUDtbIjSDIEB2_qW5TjwwwA_WWrdYBUH8Mtj2YCxGHWUQUwr5TiL1Bx7GLLrrgO7OMegxnFIRmmfkE7qZ7HV4ELHPtj6sEzSR1dZVYTe1ckvk_SFBHuDcU083bftJJlb0hbFjL95rECmL8R3CB4&sig=Cg0ArKJSzAU1SVLmJJ61EAE&cid=CAQSTgDICaaNR_CMrSuW-C-0hsK2KRduxGkBI5FqNMlMQZk8xXfSHdVqhKXSfdbek4jl0iFrBW0e9nocyQnn0kKtoAyWslqcsKo2CqKHVONGTRgB&id=ampim&o=270,108&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=424&tls=1424&g=100&h=100&tt=1424&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame 2513 59 KB
23 KB 3ms
3ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 11:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 11:56:26 GMT

GET
H3 200 B9689862.280410797;dc_ver=99.292;sz=300x250;u_sd=1;dc_adk=3047537790;ord=qnxs7g;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Freurl.cc%2FgaOWLp$0;xdt=1;crlt=eKPv2... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 2513 67 KB
30 KB 85ms
84ms Script
text/javascript 142.250.198.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=99.292;sz=300x250;u_sd=1;dc_adk=3047537790;ord=qnxs7g;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Freurl.cc%2FgaOWLp$0;xdt=1;crlt=eKPv26fp*0;stc=1;chaa=1;sttr=31;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.198.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f6.1e100.net

Software

cafe /

Resource Hash

8c04bb56386ca291c350b9a793f4bc9039c5435ed5494e1df96e5950f5f2836c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30801
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2513 202 KB
64 KB 76ms
75ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=99.292;sz=300x250;u_sd=1;dc_adk=3047537790;ord=qnxs7g;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=1,https%3A%2F%2Freurl.cc%2FgaOWLp$0;xdt=1;crlt=eKPv26fp*0;stc=1;chaa=1;sttr=31;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 05:12:23 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 2513 11 KB
4 KB 3ms
3ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 19:17:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35665
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 19:17:58 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2513 0
0 137ms
42ms Fetch
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvGkj3xrMvtoSwFYOq41ENlVapxW6hGvnP7Cgs1h8Bt1oLO0KM_oJyC1CUl1dxsnSnIENcP4-VgHVXxoO5X2D1iXI6tb-xInOhbo9hOfZUdFLr6QWVaifWlUq_PxSiUoiDjODjEvQ9HP6epBkPxHBXzY6BIrw&sai=AMfl-YRf71lRJXsjkcQF_fkkb-ns3Vld5wJM4TuZ7uoa1B4ojdNU1eH5fNxx87_L41dJ7a0O2M20GVeuj5utBJ8YdCj3T5gGnkBwvduldg&sig=Cg0ArKJSzNdC7MaFzCztEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231206.48972&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2513 41 KB
14 KB 2ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 14:48:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 311038
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 14:48:25 GMT

GET
H3 200 12224131752392196093
s0.2mdn.net/simgad/ Frame 2513 144 KB
144 KB 3ms
3ms Image
image/png 2404:6800:4004:825::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12224131752392196093

Requested by

Host: 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com
URL: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2006 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e80f3c6479f08a7ea0b97f0c3538f4d3420e0f00df102e15469e7fc6ed013cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 20:15:44 GMT
x-content-type-options: nosniff
age: 32199
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147304
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 20:18:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 20:15:44 GMT

GET
H/1.1 200
OK dv-measurements5084.js Show response
cdn.doubleverify.com/ Frame 4E33 424 KB
101 KB 2ms
2ms Script
application/javascript 2600:140b:a800::17c3:5b8a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements5084.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:a800::17c3:5b8a Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: dee10fdcd26b484406619a49a9148dc00d73e2520c9c80aa1ff9489279d874c4

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Sat, 09 Dec 2023 05:12:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 08:15:00 GMT
Server: UploadServer
ETag: "c3585554306d55af8af83ddde3306ca6"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102698
Expires: Sun, 08 Dec 2024 05:12:23 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 008A 92 KB
30 KB 130ms
130ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7846d18e8e07dccf50840cfc09c06504b7fcd1be7ee0850007ae44dc9e8f87c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30279
x-xss-protection: 0
server: cafe
etag: 544 / 19700 / m202312040101 / config-hash: 18041799505519846586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 09 Dec 2023 05:12:23 GMT

GET
DATA 200
OK truncated
/ Frame 2513 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6fe5e7f96dd590e013e360fd826cbfbf824397f5b3f670d5a7b2a5dbc378da5e

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2513 0
0 81ms
46ms Fetch
image/gif 142.251.42.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvGkj3xrMvtoSwFYOq41ENlVapxW6hGvnP7Cgs1h8Bt1oLO0KM_oJyC1CUl1dxsnSnIENcP4-VgHVXxoO5X2D1iXI6tb-xInOhbo9hOfZUdFLr6QWVaifWlUq_PxSiUoiDjODjEvQ9HP6epBkPxHBXzY6BIrw&sai=AMfl-YRf71lRJXsjkcQF_fkkb-ns3Vld5wJM4TuZ7uoa1B4ojdNU1eH5fNxx87_L41dJ7a0O2M20GVeuj5utBJ8YdCj3T5gGnkBwvduldg&sig=Cg0ArKJSzNdC7MaFzCztEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=61&vt=11&dtpt=60&dett=2&cstd=0&cisv=r20231206.48972&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6E54 38 KB
13 KB 3ms
2ms Document
text/html 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 206868
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 19:44:35 GMT
expires: Thu, 05 Dec 2024 19:44:35 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 4E33 699 B
733 B 783ms
88ms Script
text/javascript 34.149.43.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=72&ttfrms=22&brid=3&brver=120.0.6099.71&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BAU2%3F4r92%3A%3Fl9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTauff5h7a43%60hcg%60b25c3f46f__db5ahbgf%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1702098743678629&jsCallback=dvCallback_1702098743678346&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.71%20Safari%2F537.36&htmlmsging=1&chro=1&hist=3&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5084&tgjsver=5084&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=10&brh=3&dvp_epl=201&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://reurl.cc/gaOWLp&c1=3060631&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0iKpMXY_s0HjZLARYz3H_Hl&aucrtv=489984004&auorder=1011537657&ausite=449233607217&auxch=1&aulitem=19996375611&pltfrm=1&aufilter1=3060631&autt=1&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=152582803.52784887&ee_dp_sukv=152582803.52784887&dvp_tukv=1581031454230.5327&ee_dp_tukv=1581031454230.5327&dvp_tuid=623268933360&jurtd=4030701927
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5084.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: a937e9e125a28b82b9fc305d4430833f91e747565885f9d32cb2f1cce7170e43

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 05:12:24 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 12/08/2023 05:12:24

POST
H2 204 events
bidder.criteo.com/csm/ Frame 51C4 0
186 B 145ms
144ms Ping
text/plain 2406:2600:4::12
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::12 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Sat, 09 Dec 2023 05:12:22 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 51C4 43 B
365 B 144ms
143ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 03 Dec 2024 05:12:23 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 51C4 43 B
365 B 144ms
144ms Image
image/gif 2406:2600:4::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 03 Dec 2024 05:12:23 GMT

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame 50C0 0
187 B 77ms
77ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=50ef57&cid=6206-Pidjxb94YRnodknpn9Ywi51ThnP5E1Dk&mp=398283da-0402-4d2d-a0c2-18aee9437979

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
398283da-0402-4d2d-a0c2-18aee9437979.t.ssp.hinet.net/ Frame 50C0 0
79 B 73ms
73ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://398283da-0402-4d2d-a0c2-18aee9437979.t.ssp.hinet.net/pixel?bd=398283da-0402-4d2d-a0c2-18aee9437979&t=50ef57&referrer=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

GET
H3 200 Zb7qjlwFTG5.css
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/ Frame A5B7 582 KB
141 KB 5ms
5ms Stylesheet
text/css 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/Zb7qjlwFTG5.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df84c4bac08f08c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff3cf7d59573fa3c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Flittleroom9488%2Fvideos%2F892048002234656%2F&locale=en_US&sdk=joey&show_text=false&width=280

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3357e675ea4f190381d0d4969e3af833e76d64fd9f37881b2e3229a537e51b5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 3sc6f40IYvjADv8KUWs/Bg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 144004
reporting-endpoints
x-fb-debug: fc0SSmbN1us1XNCwnA9fBqaH/tnDhJUkOx1anTvxBbd2Yh03bwQL6HsxbI+06fNTpGkYkR6UrNcuBTuHvK5r4w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=0
expires: Sun, 08 Dec 2024 03:58:01 GMT

GET
H3 200 Qfo55ay3XFG.css
static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/ Frame A5B7 29 KB
7 KB 9ms
8ms Stylesheet
text/css 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/Qfo55ay3XFG.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b6fe6101ff12f786ff956ba29a5b1d1e3264c7769ffceb85d733b4c7986e6b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: iFoyUyk7Swig89SScjaqMQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7084
reporting-endpoints
x-fb-debug: tKRgzHE8m+nplvm7HX/U0hgomsYWtTYoiwpiG50gBDd+7X5xZvkEXI2LSzeQTFQBMgw28hex2kOhB3KZqc3HaQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=0
expires: Sat, 07 Dec 2024 16:52:10 GMT

GET
H3 200 JS2LsxE-gw3.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame A5B7 354 KB
92 KB 10ms
8ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fd66f83ea75a1ccdd4953552363bc37a9cf055220f8d89a23ec8564c8d2ed2fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Veg+9swSo/ybchlTfP+avA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93749
reporting-endpoints
x-fb-debug: zn/I2ZckP8Ozbhs31jzZbKLd7wi99zkNBQVfTUtJ5nl6B0W4/hZBo03YU0DY0Du894WEGDQOzzBjolGByQASjg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sun, 08 Dec 2024 01:07:24 GMT

GET
H3 200 aQFKd1NFgFT.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/ys/l/en_US/ Frame A5B7 90 KB
25 KB 12ms
11ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/ys/l/en_US/aQFKd1NFgFT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2c3cb5a0833b9412d27f44e06a84fd797180b81e15e99af5d7d8ffa96d1f41e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QxtSbDtVvcAOcE+ucrAq9Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25845
reporting-endpoints
x-fb-debug: sbxprwPX6Cv4BUDg35Qd6BSyeDoYX3DtkcKMMqxhI/0EZi8jgionQjaq6MG5m0pBH6fJNzk2YuLtr77OQFe/Nw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 05 Dec 2024 17:53:12 GMT

GET
H3 200 R4PKY1p9APB.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAUQ4/yx/l/en_US/ Frame A5B7 794 KB
193 KB 13ms
12ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAUQ4/yx/l/en_US/R4PKY1p9APB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d20cf80322259d9177611df3a6016556c8ee1c7b56376805c15d449c1785df0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Ax+Eeqf6bOR1t+1T9zWUvw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 197059
reporting-endpoints
x-fb-debug: hy0Gr/T67zUvlMDnutZpVRbGDebmgNl+CrZiAMZV0NJKqvaNPYFoLZ7VCibLENv1Dt7cHDXYNKFXEXn4wBQdcw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sun, 08 Dec 2024 00:08:20 GMT

GET
H3 200 Ec8EdxuCpfW.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/ye/l/en_US/ Frame A5B7 199 KB
51 KB 17ms
16ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/ye/l/en_US/Ec8EdxuCpfW.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4df9b60b23dc99b2d8effa62273d522e2c879c50a288eee73784db7eb5016908

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Lxn1hApUWOKiQ2EZomVAdA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 51831
reporting-endpoints
x-fb-debug: +ZloEjYWvNmTyakaS2obT+QnkdsJij9HGjDGvGrZh5BP8ODXP+4iYbEBO2Yv5s6I5LxizIwhqDXRyO0HLsik9w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 05 Dec 2024 18:45:52 GMT

GET
H3 200 4r8pcxnOs4K.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame A5B7 3 KB
1 KB 19ms
18ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/4r8pcxnOs4K.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1ba731fa9f8276454a29bbb9afbf4595fa066f08935a762beceecc4749f90d5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GBf95XiiHK2guhZn2p/rAQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1277
reporting-endpoints
x-fb-debug: dnbRaEqSOHwmy0lwZJvvFrrOhhEKPJ7pjrcmqEXpwFFrBf4xo65b0JECCr6A2byraz9kd++AIb4zjtsBwfJ5aQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 28 Nov 2024 23:51:05 GMT

GET
H3 200 GzNi5UO10uL.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame A5B7 395 KB
86 KB 19ms
18ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/GzNi5UO10uL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d0c0a6ab2e10cb4061ce00406e53dd6eec2f0753fd20883654b2c13349e088d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: B82MgG1Xe8DJYm99WEr4Ww==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87833
reporting-endpoints
x-fb-debug: dTTBEYSuai0cuDCl7w7GSSZm1LMviGEFl5n7YQ0SAR3+svPJ38qDs0uUoS0kW+gQYChqvUb0BSp8ht/DpdCn9w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 05 Dec 2024 20:00:12 GMT

GET
H3 200 w0yxjyrKD3l.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame A5B7 32 KB
10 KB 21ms
20ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/w0yxjyrKD3l.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4fdd04912129cdb8d227c0be200a5205ccbc49c6851594f80d1df0364ae5d1a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cg00sn1NB+8BxdHomp/EuA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10464
reporting-endpoints
x-fb-debug: i4rWUqEJKeYtxPFPAdxXwofFp3ndAaS/yJcIkFG53lLzTgTWsBJ7yFqO0JnuD5/B+o1rJsq1pFODX8zuidVEew==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Fri, 29 Nov 2024 02:42:07 GMT

GET
H2 200 406124041_731714221739118_8607535916705131137_n.jpg
scontent-iad3-2.xx.fbcdn.net/v/t15.5256-10/ Frame A5B7 19 KB
20 KB 698ms
247ms Image
image/jpeg 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-2.xx.fbcdn.net/v/t15.5256-10/406124041_731714221739118_8607535916705131137_n.jpg?stp=dst-jpg_p280x280&_nc_cat=111&ccb=1-7&_nc_sid=869369&_nc_ohc=dusmZFg3ZCYAX_OqlhV&_nc_ht=scontent-iad3-2.xx&edm=AOJO4v8EAAAA&oh=00_AfBUV3fP1N9AInky411q5QBFLfM3JZxxIM5NvA0tI4nEsQ&oe=657905E8
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df84c4bac08f08c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff3cf7d59573fa3c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Flittleroom9488%2Fvideos%2F892048002234656%2F&locale=en_US&sdk=joey&show_text=false&width=280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: f7fa92dacacb28c03150ba2585d6e85a590793998c0795aabfa8e97c0a238b7f

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:24 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sat, 09 Dec 2023 05:11:30 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=847707365
thrift_fmhk: GBAKotxcMeGp8IrllKnP7sbMFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: 0qjtH8YNWfsigFY6t5S8VG38xjrYSNDC6-uZZRBZP2ok0036iD6nf6DGpb0ARAaI3sXK_hnYlou42R4QiZzVu1Ghbh0ob80fE5gsZzqF8EhBJRz13cIgylutLgXt4qeB
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2129844668
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 19908

GET
H2 200 373543267_710184757816621_1168703249588970050_n.jpg
scontent-iad3-2.xx.fbcdn.net/v/t39.30808-1/ Frame A5B7 1 KB
2 KB 673ms
222ms Image
image/jpeg 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-2.xx.fbcdn.net/v/t39.30808-1/373543267_710184757816621_1168703249588970050_n.jpg?stp=cp0_dst-jpg_p74x74&_nc_cat=1&ccb=1-7&_nc_sid=4da83f&_nc_ohc=VX5NpMQGAA4AX8fRFDn&_nc_ht=scontent-iad3-2.xx&edm=AOJO4v8EAAAA&oh=00_AfBIKVV2L0T9KT6xb8UT49fTm2OeeJsPCEA14fU41TL7CQ&oe=65794E48
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df84c4bac08f08c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff3cf7d59573fa3c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Flittleroom9488%2Fvideos%2F892048002234656%2F&locale=en_US&sdk=joey&show_text=false&width=280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ec9b04d31d23f0fe24168948361b4043a2073c3110cdfb8c370a1efca2c22383

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:24 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 30 Aug 2023 09:22:57 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1487730854
thrift_fmhk: GBDMPr2LVBnLwwUax1Bc9fqKFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 920064946
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1502

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 6E54 39 KB
15 KB 10ms
9ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 04:30:49 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/ Frame 008A 432 KB
135 KB 2ms
2ms Script
text/javascript 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:30:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2499
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138293
x-xss-protection: 0
server: cafe
etag: 11350998454379829730
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 08 Dec 2024 04:30:44 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 008A 170 KB
49 KB 378ms
378ms Fetch
text/plain 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=895608150269518&correlator=2963792949381894&eid=31079783%2C31079576&output=ldjh&gdfp_req=1&vrg=202312040101&ptt=17&impl=fif&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C14209-2&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C320x100%7C300x100&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3D55b888384ac8566c%3AT%3D1702098741%3ART%3D1702098741%3AS%3DALNI_MZwVbNAeLoZLX0FJ1vT5WeUZ-DNmA&gpic=UID%3D00000ca79be17b2f%3AT%3D1702098741%3ART%3D1702098741%3AS%3DALNI_MYzrrZYRbUlcP8cpDfbVKDOMjUD3A&abxe=1&dt=1702098743926&lmt=1702098743&adxs=640&adys=358&biw=1600&bih=1200&isw=320&ish=100&scr_x=0&scr_y=0&btvi=0&ucis=81gaa4hbhrpe&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=3&url=https%3A%2F%2Freurl.cc%2FgaOWLp&ref=https%3A%2F%2Freurl.cc%2FgaOWLp&top=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=320x100&msz=320x0&fws=256&ohw=0&ea=0&ga_vid=778870899.1702098741&ga_sid=1702098744&ga_hid=255405873&ga_fc=true&dlt=1702098743604&idt=310&adks=1212019568&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52a314725bd534c217d634796c8207879898bd68c2477d1f359649f960f46d7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50466
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 008A 16 KB
12 KB 55ms
55ms XHR
application/json 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73206f6d313f1c12e377275522f8050e00f764bb78ed1f58bf66663ae041419e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12222
x-xss-protection: 0

GET
H2 200 container.html Show response
624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B9F2 6 KB
3 KB 71ms
42ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 05:12:23 GMT
expires: Sun, 08 Dec 2024 05:12:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 vwOUmvzU_7P.png
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame A5B7 4 KB
4 KB 4ms
4ms Image
image/png 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/vwOUmvzU_7P.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/Zb7qjlwFTG5.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3a4fda7b449ddfa3b11ceb4c715c4c2f042e2cc1949701deb1fb8098d02b9b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/Zb7qjlwFTG5.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:23 GMT
x-content-type-options: nosniff
content-md5: 9RIU8QDS6FQcM7h01mnrGg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4152
reporting-endpoints
x-fb-debug: kHvfCDSRcaSyOfgXNEnqlv6FCLIJSjEyeZS4EKotq7/jeeF1z8QjJVtDFNHX4vqw2IB9C8aXLotSIZK4OfM1Hg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 30 Nov 2024 18:38:57 GMT

GET
H2 200 373543267_710184757816621_1168703249588970050_n.jpg
scontent-iad3-2.xx.fbcdn.net/v/t39.30808-1/ Frame A5B7 1 KB
1 KB 500ms
222ms Image
image/jpeg 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-iad3-2.xx.fbcdn.net/v/t39.30808-1/373543267_710184757816621_1168703249588970050_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=1&ccb=1-7&_nc_sid=4da83f&_nc_ohc=VX5NpMQGAA4AX8fRFDn&_nc_ht=scontent-iad3-2.xx&edm=AOJO4v8EAAAA&oh=00_AfCSnjdRCFYy3dv5FmXJm-3Lx13yeyGwtkurvckv8dMIQA&oe=65794E48
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df84c4bac08f08c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff3cf7d59573fa3c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Flittleroom9488%2Fvideos%2F892048002234656%2F&locale=en_US&sdk=joey&show_text=false&width=280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: bbef00e617014219bc04b83bcdf48ea4113838ca7178a0b863c8da8f4256562a

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:24 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 30 Aug 2023 09:22:57 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3662624111
thrift_fmhk: GBDMPr2LVBnLwwUax1Bc9fqKFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 920064946
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1133

GET
H2 200 prtct.php Show response
stg.truvidplayer.com/v5.832/ Frame 29D5 0
329 B 169ms
168ms Document
text/html 143.204.86.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/v5.832/prtct.php?val=f&geo=JP&timestamp=1702098744&level=0
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-119.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 05:12:24 GMT
server: nginx
via: 1.1 fd95d915cb5f672e4b8b3613a0dde9ea.cloudfront.net (CloudFront)
x-amz-cf-id: LrCklUVPb8kjqLAF1OONv1W9FxKy0S6sw6vZ5d0s9kTj95ezIyBXbw==
x-amz-cf-pop: NRT12-C2
x-cache: Miss from cloudfront

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 008A 17 KB
6 KB 81ms
81ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 05:12:24 GMT

GET
H3 200 3_USCBHvE2b.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame A5B7 23 KB
8 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/3_USCBHvE2b.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5609dbd6bd5496a114ca913530c2dd0aecff8502646c438db58251345eda9545

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: H4RWJCeXQm3W0cqxGvzvfQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7662
reporting-endpoints
x-fb-debug: adect0oSyu+9BE6Mkk/DkNIM2Hl/yPwQhbzhirUQ9a1LuTsdyjxMREqWATQPCmBiCi5IPffUt04MNkO2tRw6TQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Fri, 29 Nov 2024 00:25:11 GMT

GET
H3 200 TDpNj7olbQz.js Show response
static.xx.fbcdn.net/rsrc.php/v3iyB-4/yE/l/en_US/ Frame A5B7 724 KB
158 KB 12ms
11ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iyB-4/yE/l/en_US/TDpNj7olbQz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3dc6787de4b1097650e4fc18a14d735fbb8e09c5a8159ece51c16593c8cec0e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MeMa4i99MCmxCrMgT75kUg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 161882
reporting-endpoints
x-fb-debug: F+UCrujNA60oj13/IAYkCuTZ8AeoS3uz7z8ty+M/B28u1vCO9bO+DZ383ZyBGW7vk874Kpaxyhj33rS5CoP8ig==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 05 Dec 2024 19:59:28 GMT

GET
H3 200 QQEU1-TaC4N.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame A5B7 2 KB
1 KB 5ms
4ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/QQEU1-TaC4N.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uDyhM5TI+HxzvqrjM1/g4w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 898
reporting-endpoints
x-fb-debug: MZn39iQqRe6Hx2BVJybyP+dXS49MQskd3qRoob1wDHNMJJ8TjpP0auaMYITbZoB2dXfXVxzi39yHNvpXcjAWew==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Wed, 27 Nov 2024 18:15:52 GMT

GET
H3 200 mTbMxtm1CtJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEBX4/y4/l/en_US/ Frame A5B7 18 KB
6 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEBX4/y4/l/en_US/mTbMxtm1CtJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1a5bfbcea37051b69ffb51494bca539b16ef2d969086bf4abdef636fc5943679

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: JrZuwm1IGLe7IQAoNDgKDA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6379
reporting-endpoints
x-fb-debug: wAlCM3bAVVLfaQFZspGeoUxHeEUZKua3046m1xBGTpLop139xqyXP14LjI56lsxQREowPpxT5tK7kQQyLymqeQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Wed, 04 Dec 2024 23:47:18 GMT

GET
H3 200 HzxD9aAXSyD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame A5B7 55 KB
15 KB 5ms
4ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oRcNmPqvdkv3ysBSBC5rSQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15157
reporting-endpoints
x-fb-debug: /1yCn+CJ/pf+p2y7SaFESYsOkr1Xiyn8gBNemtcPx93md4PaIRrhNlAlAQGSGqi/FLk6VEEhRB4UDcj8x20FLw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Fri, 29 Nov 2024 17:43:58 GMT

GET
H3 200 14huexud5ZL.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame A5B7 349 KB
68 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e11962c066339f200a342dfdecd23dab603951d49189e9e84723f3cc2008a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Mrpr55hdtBvcwKZxKOzblg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 69594
reporting-endpoints
x-fb-debug: FwlVDaQXt8ShzrEFsKMYkCS6hxaZW2jAAfkbs9DEvgxCH8DDK6NwLfEU+q5PZevzM2QOzRUkFNSm1iLGfK9PKw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sat, 07 Dec 2024 00:45:59 GMT

GET
H3 200 Xa-kykSxUdE.css
static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/ Frame A5B7 32 KB
7 KB 7ms
7ms Stylesheet
text/css 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/Xa-kykSxUdE.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3271eecca15405b948944596894209cfc44ced3b8e5e840a5cd6d01b1a31d5ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: YWU4cGhOfIeDPjaHviTsqQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6714
reporting-endpoints
x-fb-debug: g8Vi8U7UjgoLrgXo/gJS4ABRYCyyyRi/9RcCcGtJvmW7XyAVX4NEspRzy44tjEzSoyyozRXN3C5WohZY7E07mw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=0
expires: Sat, 07 Dec 2024 16:52:11 GMT

GET
H2 200 767580065410423.mpd Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/dash-abr3/ Frame A5B7 11 KB
2 KB 753ms
230ms Fetch
application/dash+xml 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/dash-abr3/767580065410423.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfDLL_ZRriujyvKm-xGUOnmzClDmL1NtllS9kT_l5hqA5Q&oe=6575DEFD
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 25b5706624b74cb820dbf44a7c9176315eb80777e788f87d3fcc0ef985d0a7dd

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:24 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1702098743
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
x-fb-latest-segment-ts: 8854216
alt-svc: h3=":443"; ma=86400
content-length: 1533
x-fb-origin-hit: 1
etag: 8f41a8aefe69259b3973425669b5dd98
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
x-fb-edge-debug: 58Fh-E8E5KqeDpO2yErVnYtxJMlE70tiJd8-BgGoKtmVZn1nPSUmcBUFp_1p-ZaBBpyot1HMfWSBV1P9QnA71p39vlj9EdtwiFOwez5JNpau_sxC276A7HCj_DgbD_9l
accept-ranges: bytes
timing-allow-origin: *

POST
H3 200 / Show response
www.facebook.com/video/unified_cvc/ Frame A5B7 267 B
334 B 115ms
115ms XHR
application/x-javascript 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/video/unified_cvc/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7M54/ys/l/en_US/aQFKd1NFgFT.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4854136a1dd5cde231c5de08e658e5d944fe2fcf880210578583d8fda002e371

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: SXkQqIIqWVHOmCxk66QdHZ
Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df84c4bac08f08c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff3cf7d59573fa3c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Flittleroom9488%2Fvideos%2F892048002234656%2F&locale=en_US&sdk=joey&show_text=false&width=280
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 05:12:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: E7ZFGZTLcVgVHE62uMwIPsLTVeyBFSklC4mF5Jej2F65uKaKX9+UKnjRhMa4qC36jsDO8AorESMrlDpBGh5sQQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ag-Kz-WMvnK.png
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame A5B7 330 B
466 B 4ms
3ms Image
image/png 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/ag-Kz-WMvnK.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/Qfo55ay3XFG.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

45445cdb742ba713feadbb749a2328f90698cc052372bb736682afcb5e7c6345

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/Qfo55ay3XFG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:24 GMT
x-content-type-options: nosniff
content-md5: eAFd0hA109+Saq2CKxwDiw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 330
reporting-endpoints
x-fb-debug: zNS9gmdIhcqPFcMv3/GBbr9fMwtR0sgKHKDtgTUWoKctWQALFxiAZb3STmU/vLywBLrRc1jN1vF1HQVIf8dx6Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Fri, 29 Nov 2024 21:02:56 GMT

GET
H3 200 gDitvOzbw6T.png
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame A5B7 8 KB
8 KB 5ms
4ms Image
image/png 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/gDitvOzbw6T.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/Xa-kykSxUdE.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9d5497521bfc84947a23dd5687f8629f34ce7d1dd3d37cc83d9c6f14d2af0cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yp/l/0,cross/Xa-kykSxUdE.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:24 GMT
x-content-type-options: nosniff
content-md5: Mgl5lSWRJJAq6dF2coyXXQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8119
reporting-endpoints
x-fb-debug: ghUsbc0DTY5u58Jq/ORcr/Z3vCAmVon2bSgwIIEigUpbg/eoNmi60qcF2AYtyDyEuDkVL+vjA//BNiLTG/nhKA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Nov 2024 18:26:00 GMT

GET
H3 200 SWhawEjeLCn.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame A5B7 3 KB
3 KB 5ms
5ms Image
image/png 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/SWhawEjeLCn.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/Qfo55ay3XFG.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

01a33f0ff59e28cd463d425548a593e150506f7f0d1c958403bae903f5e8e2e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yX/l/0,cross/Qfo55ay3XFG.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:24 GMT
x-content-type-options: nosniff
content-md5: /zrKWNzqQF1I3EnT4Zj6CQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3327
reporting-endpoints
x-fb-debug: vQ41TNbnGPrsTjyKenqi44h+2jUFPAr6WXJfiN39MSCm/tvYf15GS86qZ72O2tbcriy8H18e9/9ytd9oQnV4Hw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sun, 24 Nov 2024 18:00:57 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4483 13 KB
5 KB 3ms
2ms Document
text/html 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 2495
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 04:30:49 GMT
expires: Sun, 08 Dec 2024 04:30:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DB95 829 B
560 B 43ms
43ms Document
text/html 2404:6800:4004:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f2d7ee82059853b516d7d8428288579e179c9cb40ef33372a2cda5d3a5e7291e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2G-c5lkLGkOrt_RFmzrYrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2G-c5lkLGkOrt_RFmzrYrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 05:12:24 GMT
expires: Sat, 09 Dec 2023 05:12:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E54 0
20 B 47ms
46ms Image
image/gif 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BNNyfN_dzZYLLHuyNpt8Pq6ed4AIAAAAAOAHgBAI&bg=!RUalRgnNAAY3kmNgF5I7ADQBe5WfOL6CmlQLPHHcKVytKRg5OI7PmavBV-0dUWSSXixlwYx12dnLmV03S3DIiihWkthpAgAAAPtSAAAAA2gBB5kDI82V8EaThVHcI2LJP7TyhVYKay_LV_5teyFw_zXbD8noUja4bXZn3174wyabv2l9qyCUVZfKwrnL_fo1CASwny-N-Ua9IT66VNQxE-5o_mJULZSpEs7uaOM0fJyjIbscwtkafhl8UV_3v5ZTfId9UrMbOhbJXPBJVWrGmuZwqK7I_yeyOwav7Et9KAFt0G3ssStSXrRWuP6STjZhyHyt_ZoDk6ybbj2FSkUmU8yU9vABRBo3Glz2jCOtdgsimO71-v6Ac39WSzCGhLA2Hn4Uy-C4EnifEnU6MISq22SWD300ihUdYgDLl_IaxxWZXLd_QTNhVfFUPHqh5ktIKZkSFncm4Adv2l6Gqqd81feFQcoLs2G72zYOukpMcLDPCR8uYAyTUUihClyrnWawBZsWALZbS-MVrJfvl6IcXW48lPrJqqSkQ0Pr1qkj22iatykBKp_pstqoDO9aDloFUrfe6TvgRQbQvWIXKvsNp-hC5yoykLSbOxOcg1y_nvwc33JhTZSqe0Mat_zrn0l7HMPG3yJ24jR7r2-qwXylNlwvwR2Or8HZsKuvHIZpmmNsIRtMYdxWOAQy_63wPP26xej-S8fSjgn9ROMBGP924bIFcZvZ-Cw5KSqLzg0DBhU-SsSfrDRK_ZqPE49RHNnrV3DX0YVdQpRSzficqSNqQk2wduH41DdAUtyC5DfMalXWaEX6-THzbdm2vemiW45fO6aIhhZjtT_mrdknnB5jbZckagF2XXl-ve27v4R3U0vy3otktN-Nd6g45aIDmt3lxzIkh1Wuh8Hh6titRq4Y78Yce0-_FFlV4zTh9a5_1EaKZQ688zSmLigdFPJYKY6XnHVv0g54t2mB_mXVMuCOD6nJ56qnpMNviFW2XyDjWNxzLk0B6JHz8vmEJjxHrx2KpXXHTRqVdQokVrkS0JbVhG6Kq-BgQXMj_-aipteKl7FFJHy4rremOVM6NxJft_9Aqzs_4QJCv2PVNRQK49GQIwxqU8QpxbsgZgQR5OoqbOmMQonGrSsfpicbspiwQL5whpsrVQWW2QbtNgK9mnfyksdX7PcJY2TO

Requested by

Host: 77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com
URL: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 4483 39 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 04:30:49 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DB95 0
0 41ms
40ms Image
text/html 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=895608150269518&rc=
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 container.html Show response
624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0D20 6 KB
3 KB 3ms
2ms Document
text/html 2404:6800:4004:822::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:822::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 05:12:23 GMT
expires: Sun, 08 Dec 2024 05:12:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 0D20 908 B
446 B 41ms
40ms Stylesheet
text/css 2404:6800:4004:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=10%E7%94%BA%E6%99%82%E4%B8%81%E5%88%86%EF%BC%96%E3%83%88%E3%82%B6%E3%82%A4%E8%88%97%EF%BD%9E%E5%8F%97%E5%BA%97%E3%82%AB%E3%83%B3%E3%83%BC%E3%82%BB%E5%8C%BA2%20%E3%83%A8%E3%83%96%E3%82%B0%E3%81%91%E9%85%8D%E3%81%8F%E3%83%94%E3%82%B9%E5%A4%A7%E3%82%8A%E5%8F%96%E5%86%85%E3%83%89%E7%9B%AE%E3%82%B7%E3%83%BB%E3%83%A9%E3%83%97%E4%BA%95%EF%BC%91%E5%B7%9D%E5%8F%AF%E9%96%8B%E3%83%A7%E5%93%81%E2%88%92%EF%BC%93%E3%83%83%E5%AE%85

Requested by

Host: 624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
URL: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3e20e19ee80c742a25830eb84209ca1eaa4d2ef3fc75e131ede23d89b633cb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 09 Dec 2023 05:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 09 Dec 2023 05:12:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 09 Dec 2023 05:12:24 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 0D20 2 KB
822 B 2ms
2ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
URL: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 15:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 15:50:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 0D20 24 KB
9 KB 4ms
3ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: 624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
URL: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 15:47:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 15:47:50 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 0D20 3 KB
1 KB 4ms
3ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
URL: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 03:41:17 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame EADB 1 KB
643 B 3ms
2ms Document
text/html 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
URL: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

age: 78750
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 07:19:54 GMT
etag: 48472445140208031
expires: Sat, 09 Dec 2023 07:19:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 0D20 20 KB
8 KB 3ms
3ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
URL: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 03:41:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5467
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Dec 2023 03:41:17 GMT

GET
H3 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 0D20 225 B
249 B 4ms
2ms Image
image/png 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: 624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
URL: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 15:43:33 GMT
x-content-type-options: nosniff
server: cafe
age: 48531
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Sat, 09 Dec 2023 15:43:33 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D20 202 KB
64 KB 51ms
50ms Script
text/javascript 2404:6800:4004:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
URL: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:825::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 05:12:24 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 0D20 37 KB
16 KB 45ms
2ms Script
text/javascript 2404:6800:4004:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
URL: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:801::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:20:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 04:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 20:20:38 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4483 0
10 B 2ms
1ms Image
text/plain 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BX7XQA
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 9216095162094444457
tpc.googlesyndication.com/simgad/ Frame 0D20 3 KB
3 KB 3ms
3ms Image
image/jpeg 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9216095162094444457?w=100&h=100&tw=1&q=75

Requested by

Host: 624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
URL: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2ab62ae9ef497837041609e66f23d13d0291e4198200026ffbe935c6c8ce570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 08:46:19 GMT
x-content-type-options: nosniff
age: 332765
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2592
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 03:39:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 04 Dec 2024 08:46:19 GMT

GET
DATA 200
OK truncated
/ Frame 0D20 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0D20 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EADB
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKZk73qYgOPI7E7n9FyEbms&google_cver=1&google_push=AXcoOmRDqNrwhiVaXXvzKxFzSJ7ucPthNoSULMmqR2MiKq4dutS_aY3MSq8pxj-bzdQGluZrvYCQnpGDgI_M7ThB110INgSvb9iS
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=453887C6263246F8A04FABD00A86BFAC&google_push=AXcoOmRDqNrwhiVaXXvzKxFzSJ7ucPthNoSULMmqR2MiKq4dutS_aY3MSq8pxj-bzdQGluZrvYCQnpGDgI_M7Th...

170 B
188 B

40ms
39ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=453887C6263246F8A04FABD00A86BFAC&google_push=AXcoOmRDqNrwhiVaXXvzKxFzSJ7ucPthNoSULMmqR2MiKq4dutS_aY3MSq8pxj-bzdQGluZrvYCQnpGDgI_M7ThB110INgSvb9iS

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 09 Dec 2023 05:12:24 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=453887C6263246F8A04FABD00A86BFAC&google_push=AXcoOmRDqNrwhiVaXXvzKxFzSJ7ucPthNoSULMmqR2MiKq4dutS_aY3MSq8pxj-bzdQGluZrvYCQnpGDgI_M7ThB110INgSvb9iS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 08 Dec 2023 05:12:24 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EADB
Redirect Chain

https://cr-p1.ladsp.com/cookiesender/1?google_push=AXcoOmSR_MUairpQ6Ci0FlpAOuoSYClu_7RqIq892oo7TfUI2MEbhmFxRdICISnA4hGf2ra7V4hGnxBB9zDqoqr2OFIkZMy1tuM&google_gid=CAESEAQfmwiDFH4g1rTPBR0Blj8&google_...
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmSR_MUairpQ6Ci0FlpAOuoSYClu_7RqIq892oo7TfUI2MEbhmFxRdICISnA4hGf2ra7V4hGnxBB9zDqoqr2OFIkZMy1tuM&google_hm=Aflb8WCWjbdwks8AEDmpj8x...

170 B
188 B

44ms
44ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmSR_MUairpQ6Ci0FlpAOuoSYClu_7RqIq892oo7TfUI2MEbhmFxRdICISnA4hGf2ra7V4hGnxBB9zDqoqr2OFIkZMy1tuM&google_hm=Aflb8WCWjbdwks8AEDmpj8xGscA

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:24 GMT
via: 1.1 9095214c63a79378c44a32c3efc102da.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: NRT57-C3
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AXcoOmSR_MUairpQ6Ci0FlpAOuoSYClu_7RqIq892oo7TfUI2MEbhmFxRdICISnA4hGf2ra7V4hGnxBB9zDqoqr2OFIkZMy1tuM&google_hm=Aflb8WCWjbdwks8AEDmpj8xGscA
cache-control: no-cache
content-length: 0
x-amz-cf-id: 4ypkNFgOYRD8GJcLNeeQxyKw1xAOvCfoLK6TDYtsJp2Oeq04pc3zVg==
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EADB
Redirect Chain

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEMHjLrIEZmQmI6z69Xx0lrY&google_cver=1&google_push=AXcoOmSpXMNjLUYNVqjDHmL5HYHknk5kLy3r5y2npxX4ItQ-sGbfOVjBjNdiBC9IjDZvrt8c37XX-0JGfG5qmpBY8...
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEMHjLrIEZmQmI6z69Xx0lrY&google_cver=1&google_push=AXcoOmSpXMNjLUYNVqjDHmL5HYHknk5kLy3r5y2npxX4ItQ-sGbfOVjBjNdiBC9IjDZvrt8c37XX-0JGfG5...
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmSpXMNjLUYNVqjDHmL5HYHknk5kLy3r5y2npxX4ItQ-sGbfOVjBjNdiBC9IjDZvrt8c37XX-0JGfG5qmpBY803JzWVUpgZR&google_hm=RQ5nbH3wQ9uiZu...

170 B
188 B

44ms
43ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmSpXMNjLUYNVqjDHmL5HYHknk5kLy3r5y2npxX4ItQ-sGbfOVjBjNdiBC9IjDZvrt8c37XX-0JGfG5qmpBY803JzWVUpgZR&google_hm=RQ5nbH3wQ9uiZustAzCYNg==

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=AXcoOmSpXMNjLUYNVqjDHmL5HYHknk5kLy3r5y2npxX4ItQ-sGbfOVjBjNdiBC9IjDZvrt8c37XX-0JGfG5qmpBY803JzWVUpgZR&google_hm=RQ5nbH3wQ9uiZustAzCYNg==
Date: Sat, 09 Dec 2023 05:12:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 400 sspsync
cksync.yahoo.co.jp/ Frame EADB 35 B
620 B 77ms
29ms Image
image/gif 183.79.219.124
YAHOO-JP-AS-AP Ya...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEP9kczMakLcHnqHbmdsaboU&google_cver=1&google_push=AXcoOmSrA4TspJsh6TNiGBFrzCJOl9lkyrWSMv04jXOBZxYk2SxasliIRHr07C6VRUtDngT4QB2Kre82FXhzVjW-Pk8lDoGkLIQcfQ

Requested by

Host: 624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
URL: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

183.79.219.124 , Japan, ASN24572 (YAHOO-JP-AS-AP Yahoo Japan, JP),

Reverse DNS

Software

nghttpx /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:24 GMT
x-content-type-options: nosniff
server: nghttpx
age: 0
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private, no-store, no-cache
cross-origin-resource-policy: cross-origin
content-length: 35
x-xss-protection: 1; mode=block

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EADB
Redirect Chain

https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESED53bQ-BOE0Anahp6OfWJJs&google_cver=1&google_push=AXcoOmTioEKq7uSH9LoTwEvqI139U_xs1leGhy-GpxiOFa6PBlazZqRaEQ6cdF3ISDF5VGJQmh_ip...
https://b1sync.zemanta.com/usersync/googleopenbidding/?google_cver=1&google_gid=CAESED53bQ-BOE0Anahp6OfWJJs&google_push=AXcoOmTioEKq7uSH9LoTwEvqI139U_xs1leGhy-GpxiOFa6PBlazZqRaEQ6cdF3ISDF5VGJQmh_ip...
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmTioEKq7uSH9LoTwEvqI139U_xs1leGhy-GpxiOFa6PBlazZqRaEQ6cdF3ISDF5VGJQmh_ipkEowIeyV13iPiV8gz9haMujNg&google_hm=SXB0ZU0tWFN4Mj...

170 B
188 B

40ms
39ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmTioEKq7uSH9LoTwEvqI139U_xs1leGhy-GpxiOFa6PBlazZqRaEQ6cdF3ISDF5VGJQmh_ipkEowIeyV13iPiV8gz9haMujNg&google_hm=SXB0ZU0tWFN4MjNObTJJeU9BSFk=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Dec 2023 05:12:25 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmTioEKq7uSH9LoTwEvqI139U_xs1leGhy-GpxiOFa6PBlazZqRaEQ6cdF3ISDF5VGJQmh_ipkEowIeyV13iPiV8gz9haMujNg&google_hm=SXB0ZU0tWFN4MjNObTJJeU9BSFk=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 242
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EADB
Redirect Chain

https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEIRWgHVMCdZEimOzF9klsHo&google_cver=1&google_push=AXcoOmSi7392JBlCb...
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjUzNjQ0NTM5MDM4OTE4Mzg2Mw%3D%3D&google_gid=CAESEIRWgHVMCdZEimOzF9klsHo&google_cver=1&google_push=AXcoOmSi7392JBlCbkYNl2oXmHj__SrCXv...

170 B
188 B

45ms
44ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjUzNjQ0NTM5MDM4OTE4Mzg2Mw%3D%3D&google_gid=CAESEIRWgHVMCdZEimOzF9klsHo&google_cver=1&google_push=AXcoOmSi7392JBlCbkYNl2oXmHj__SrCXvk_9Br3lPGernhfiqyLV7G6ulVTkSy_pVtSagaEbaj_V2E77jFFu5nC3iJB1t9_PPzHyw

Requested by

Host: 624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
URL: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:24 GMT
an-x-request-uuid: 98851cd0-cb57-4c88-b277-eb6374c83a58
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjUzNjQ0NTM5MDM4OTE4Mzg2Mw%3D%3D&google_gid=CAESEIRWgHVMCdZEimOzF9klsHo&google_cver=1&google_push=AXcoOmSi7392JBlCbkYNl2oXmHj__SrCXvk_9Br3lPGernhfiqyLV7G6ulVTkSy_pVtSagaEbaj_V2E77jFFu5nC3iJB1t9_PPzHyw
x-proxy-origin: 31.204.145.167; 31.204.145.167; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame EADB
Redirect Chain

https://tracking.prismpartner.smt.docomo.ne.jp/sync/adx?google_gid=CAESEBBjyBsLsRM3Dj1kv44AqNg&google_cver=1&google_push=AXcoOmS_V2FtYGBpg9JC3ExM4z1rhjHbdv-WvFiffg5m10JAgGg-IK18KYPo0UfvfP9QzAsClKuM...
https://cm.g.doubleclick.net/pixel?google_nid=prism_partnerinc&google_hm=WahpiSwXT4ucYP6A34HY2A&google_push=AXcoOmS_V2FtYGBpg9JC3ExM4z1rhjHbdv-WvFiffg5m10JAgGg-IK18KYPo0UfvfP9QzAsClKuMIFXIuvb73IRp1...

170 B
188 B

41ms
40ms

Image
image/png

142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=prism_partnerinc&google_hm=WahpiSwXT4ucYP6A34HY2A&google_push=AXcoOmS_V2FtYGBpg9JC3ExM4z1rhjHbdv-WvFiffg5m10JAgGg-IK18KYPo0UfvfP9QzAsClKuMIFXIuvb73IRp1ljk4tn8YJTK

Requested by

Host: 624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
URL: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=prism_partnerinc&google_hm=WahpiSwXT4ucYP6A34HY2A&google_push=AXcoOmS_V2FtYGBpg9JC3ExM4z1rhjHbdv-WvFiffg5m10JAgGg-IK18KYPo0UfvfP9QzAsClKuMIFXIuvb73IRp1ljk4tn8YJTK
date: Sat, 09 Dec 2023 05:12:24 GMT
content-length: 0
content-type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame EADB 0
12 B 38ms
38ms Image
text/html 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KevBiL1V4R6RD6fosOm6bhQFPqtrmq9P6zaEa89xedphudQgVgWSTlWvsAJCvmiYEKia6rDjCmuQ

Requested by

Host: 624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
URL: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 0D20 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c219c689cd785b5e05e3e6c170d2c2d347b0764fe2a611017de215d835518687

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H3 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 40ms
39ms Preflight
text/html 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=Cg_24N_dzZePZO92Yid4Pgu2toAnh6KzIdMbE-uf0EWQQASDSzIEaYInzxYT0E6ABvNymmCjIAQmpAgTpx1W3oT0-4AIAqAMByAPLBKoEsgJP0GDmfbiGpay1YjPJ7bsBGIVMfqLc-Sd68Fxc3f55hNY26Lh64ockoFckPGgBeNXwJUNJn6r30JHXDts_SVXeFK7t_FHKqPR8sM0ui09xRE3yN2H5EWE4USPPH15iamtfwqqzg0CNwszsIobRYqm9QsezPBWc53GHlbStAzSa-KZZkl8zPJAafvF9gAVbg2c4rJcgGdskFLV-AU1rvGh8Fc4O3WpojGvk6W61dI-QsfWCWavykd45W-mcg87OOCYIvLhjAaQvI9OWMLCaklHTRFeVUUZMMOXY0LgjBEm2-6NniEMcPpZm_pKVLCvmOz3WTTIFg4eFM0eaBzNhGvAH6HdDwADQQNDwHCAkUDEoAjQ6zfJn5Q63vPXAnj761OY1r5eCzEXPRGJbQrQ49vX50X_ABKzmzIPDBOAEAYgFn6Tt00ySBQQIBBgBkgUECAUYBKAGLoAHvJT39wKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBCMlwTSCB0IgGEQARgdMgKKAjoCgEBIvf3BOljFrob4y4GDA5oJXWh0dHBzOi8vd3d3Lml0b3lva2Fkby5jby5qcC83dGhlcHJpY2UvP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jb250ZW50PTd0aGVwcmljZYAKA8gLAZgM5Ln81twEogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2gwQCgoQkN_OsOW6nYAMEgIBA-INEwjj1ob4y4GDAxVdTMIFHYJ2C5S4E4ME2BMO0BUBmBYBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=qc2CZmUG5tE&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNxjGvv9qttXzkAq_lBfyAf3QE1CdFvn3yL0kTwA2OQijwxSf857k2GjoaFvgc73zZQWpksYMtGAE&template_id=515&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 05:12:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0D20
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=Cg_24N_dzZePZO92Yid4Pgu2toAnh6KzIdMbE-uf0EWQQASDSzIEaYInzxYT0E6ABvNymmCjIAQmpAgTpx1W3oT0-4AIAqAMByAPLBKoEsgJP0GDmfbiGpay1YjPJ7bsBGIVMfqLc-Sd6...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3af5ce0dc9132dd00000000000000000%22,%222%22:%220xa23ad81048d224270000000000000000%22,%223%22:%220x4ff62c...

0
0

84ms
41ms

Fetch
text/css

142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3af5ce0dc9132dd00000000000000000%22,%222%22:%220xa23ad81048d224270000000000000000%22,%223%22:%220x4ff62c57ec79b0d30000000000000000%22,%224%22:%220x61c6fd538bfd96ad0000000000000000%22,%225%22:%220xc1f1cdf5365790a80000000000000000%22},%22debug_key%22:%226041664584211812415%22,%22debug_reporting%22:true,%22destination%22:%22https://itoyokado.co.jp%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210788384316%22],%224%22:[%2212-09%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218356160233889603473%22}&andc=true

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:24 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x3af5ce0dc9132dd00000000000000000","2":"0xa23ad81048d224270000000000000000","3":"0x4ff62c57ec79b0d30000000000000000","4":"0x61c6fd538bfd96ad0000000000000000","5":"0xc1f1cdf5365790a80000000000000000"},"debug_key":"6041664584211812415","debug_reporting":true,"destination":"https://itoyokado.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10788384316"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"18356160233889603473"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 05:12:24 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 09 Dec 2023 05:12:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x3af5ce0dc9132dd00000000000000000","2":"0xa23ad81048d224270000000000000000","3":"0x4ff62c57ec79b0d30000000000000000","4":"0x61c6fd538bfd96ad0000000000000000","5":"0xc1f1cdf5365790a80000000000000000"},"debug_key":"6041664584211812415","debug_reporting":true,"destination":"https://itoyokado.co.jp","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10788384316"],"4":["12-09"],"6":["true"]},"priority":"500","source_event_id":"18356160233889603473"}&andc=true
access-control-allow-origin: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 av Show response
ad.holmesmind.com/adserver/ Frame 51C4 0
152 B 5ms
5ms Script
text/html 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/av?p=14210:107182:202775:e004976bf18fbffe4ed374beb5e00cf2:23016&type=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:24 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 font
fonts.gstatic.com/l/ Frame 0D20 23 KB
23 KB 10ms
10ms Font
text/html 2404:6800:400a:805::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxq_03dVttj3nEuDThQRVyTcOVF04CyFxy2uosXz3vatf9_DRWqPjROFPPKIiGmL1yYgzP1LLEpROQkkmJlx_v_AbchAv-cYwlqs0hIEwZ4exn-tgo5pn_hk--gJYlMzMbUfpZ4u5_WRPjdAnTkgb28HgoxlpsksCqOspbMLc9n-VYJ2nuYJugcPFA9ANFj5jigmsrEmu_CPzhfi_e2NGxq7GgEmXjH37k9HeqXlISXRbfKNPxvRxj0&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=10%E7%94%BA%E6%99%82%E4%B8%81%E5%88%86%EF%BC%96%E3%83%88%E3%82%B6%E3%82%A4%E8%88%97%EF%BD%9E%E5%8F%97%E5%BA%97%E3%82%AB%E3%83%B3%E3%83%BC%E3%82%BB%E5%8C%BA2%20%E3%83%A8%E3%83%96%E3%82%B0%E3%81%91%E9%85%8D%E3%81%8F%E3%83%94%E3%82%B9%E5%A4%A7%E3%82%8A%E5%8F%96%E5%86%85%E3%83%89%E7%9B%AE%E3%82%B7%E3%83%BB%E3%83%A9%E3%83%97%E4%BA%95%EF%BC%91%E5%B7%9D%E5%8F%AF%E9%96%8B%E3%83%A7%E5%93%81%E2%88%92%EF%BC%93%E3%83%83%E5%AE%85

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:400a:805::2003 Osaka, Japan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a36a73eee2563f54ca55a3ceba571b2f615f94b5d24d1eff76102631d2031cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 06:22:27 GMT
x-content-type-options: nosniff
age: 82197
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23860
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Fri, 08 Dec 2023 06:22:27 GMT

GET
H3 200 a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js Show response
pagead2.googlesyndication.com/bg/ Frame 7D63 50 KB
19 KB 3ms
3ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 134505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19601
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 15:50:39 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 94ms
39ms Preflight
text/html 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 09 Dec 2023 05:12:24 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2513 42 B
64 B 43ms
42ms Fetch
image/gif 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumbQGVvjtEyOG79Rka1J3X_2CGnuJrD1UakriLrg_-IwsIYIcptY90CdSmhNJi4LsZKknSv8umi6B_JuYSWeyYAcRi66ewJLP97_IcLvWyjHBKCsBr_EZWtA&sig=Cg0ArKJSzB2fJOldmKvvEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=3047537790&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702098742007&rpt=1633&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2513 42 B
64 B 44ms
43ms Fetch
image/gif 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsseaytyp25lYnG9R4XH0E-_GIfSNNnHlnt1c-oF2SQtTHELSAQoNVJ_A66vAXeYiXL6OucMhHf5tpC1YCyL6-yhCOlLk_SjKBicaIsJI3l-8K4h1fOfsl0MIzm5oW4cYlX4D_tPPbcbvw&sai=AMfl-YQxldHKCjjyG_YBMtps3P0qnXJnQZWLhD9OjqHtB6HjDwVrX5zFJI6ScUwSpNKrvhFlgtN_J-S5YeuPjnFoP2Tl8Jaw1_V0n3RrzMP5Qy0gAh379P4kp1oFA19G4-204F0BKJfADr9ly-Y9Pr-hbJiA9ZL8iZFww-A&sig=Cg0ArKJSzLWIsVOUTy_HEAE&cid=CAQSTgDICaaNR_CMrSuW-C-0hsK2KRduxGkBI5FqNMlMQZk8xXfSHdVqhKXSfdbek4jl0iFrBW0e9nocyQnn0kKtoAyWslqcsKo2CqKHVONGTRgB&id=lidar2&mcvt=1009&p=108,1030,362,1330&mtos=0,1009,1009,1009,1009&tos=0,1009,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=1451399479&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702098742007&rpt=1629&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 767580065410423_0-init.m4v Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/dash-lp-qd-v/ Frame A5B7 657 B
1 KB 217ms
215ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/dash-lp-qd-v/767580065410423_0-init.m4v?ms=m_CL&ccb=2-4&sc_t=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 91524c70ede9562d1bd8976201f4f2fd6b24d2c4844f4f7d0d862e1c5a685f81

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:25 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 657
x-fb-origin-hit: 1
etag: ade4aa4dfd41d1f0af2dad99e40d9832
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 0
x-fb-video-livetrace-parentsource: CDN:elb:H:iad3c02:dash-lp-qd:0242

GET
H2 200 767580065410423_0-init.m4a Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/dash-lp-pst-a/ Frame A5B7 596 B
702 B 221ms
221ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/dash-lp-pst-a/767580065410423_0-init.m4a?ms=m_CL&ccb=2-4&sc_t=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b429486bdd6630fb3fdfa332e7919855881da3a3b2a51d62eaa1ced0862bfb5b

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:25 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 596
x-fb-origin-hit: 1
etag: 849c3cd82fb25b169e6d08f3572fa1d5
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 4
x-fb-video-livetrace-parentsource: CDN:elb:H:iad3c02:dash-lp-pst:0250

GET
H2 200 767580065410423_0-8923.m4v Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/ Frame A5B7 17 KB
17 KB 415ms
415ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/767580065410423_0-8923.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 451485b6984c8d33173b8bd1d5118fb194d4f7f57f2961a8e8bc650182292e9a

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:25 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 17294
x-fb-first-keyframe-offset: 648
x-fb-origin-hit: 1
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 36
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-qd:5051

GET
H2 200 767580065410423_0-8923.m4a Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/ Frame A5B7 8 KB
9 KB 233ms
232ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/767580065410423_0-8923.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 68acdcb14a986bce5da5b773c0013a0bbdef4cf2460b53dee64a64132de22f4a

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:25 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 8598
x-fb-first-keyframe-offset: 183
x-fb-origin-hit: 1
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 18
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-pst:5034

GET
H3 200 hEMKKmOYzQt.js Show response
static.xx.fbcdn.net/rsrc.php/v3i_nv4/yf/l/en_US/ Frame A5B7 278 KB
62 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i_nv4/yf/l/en_US/hEMKKmOYzQt.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a91cc3d7f0943cabdd61ca1ff8f5e4747c2e81349fbc490de26380a4d817733

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: l/edax+DGCft42NvWht7yA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 63759
reporting-endpoints
x-fb-debug: tiMWBrTS9NcQ8AJuJEJ0DO+THycWk1fSpcM1ZO/iKG3Aw/YVAPry/nPGnKtnywTPK791iuc53f7DFr8yMCQQHg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Fri, 06 Dec 2024 20:50:47 GMT

GET
H3 200 n_-qBIIk9pY.js Show response
static.xx.fbcdn.net/rsrc.php/v3i3qK4/y9/l/en_US/ Frame A5B7 3 MB
535 KB 15ms
13ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i3qK4/y9/l/en_US/n_-qBIIk9pY.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

373cff4a5be14637fbe35895c47e016b43fe37c32a6d704cd59da533185c6bb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: u25TYieIphl1mCe9Uae9hQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 547393
reporting-endpoints
x-fb-debug: OvdaEOQGAGOGhQpTtU0RxIPHbjLgk8Ya4844fXHw579PZNnhOkTNt3K+3QQMmsyqRUe6GC+We8T3tlkbLfgrNg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sun, 08 Dec 2024 02:18:17 GMT

GET
H3 200 gnVnXHSGQH6.js Show response
static.xx.fbcdn.net/rsrc.php/v3inoo4/yD/l/en_US/ Frame A5B7 336 KB
79 KB 9ms
7ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3inoo4/yD/l/en_US/gnVnXHSGQH6.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

68b6eb9c48e3b113a3d1872ef75032d9f7f9771d9d2617bf058d7bc2f5070831

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: RERFNWoDwhrE9psu3Nx99A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 80800
reporting-endpoints
x-fb-debug: 3Zy7kd23u2tCLVhFe4yzv73SV61oin4vbz4HpGe+93AQ6kpguAjqExmreE5hpF1Otld4pVrg4VDB5bVJG4d+VA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Sat, 07 Dec 2024 21:03:17 GMT

GET
H3 200 Cf8jcTzOUp9.js Show response
static.xx.fbcdn.net/rsrc.php/v3iuWr4/yC/l/en_US/ Frame A5B7 26 KB
7 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iuWr4/yC/l/en_US/Cf8jcTzOUp9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

208cd6c1ec51a2737c544e3da4166eb917333e9dd588841e599143f7f083de85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wu8OzYuRZpaUCFL3HzI4JQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6798
reporting-endpoints
x-fb-debug: yF/REeuj3KWA8xEk/Z/8yAMK7T6MTDcr2t7ZF+wX4fUcHUkh/80bHgQwgwtEb1zRxbpWyi4j/ybFiP2pD/DrSw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Fri, 29 Nov 2024 14:23:44 GMT

GET
H3 200 F4j9B2xJ1Ib.css
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/ Frame A5B7 4 KB
1 KB 9ms
7ms Stylesheet
text/css 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/F4j9B2xJ1Ib.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ea76b764cc79e34aacb5473f624f54f6da49da1d10b00cb931075a6bd0d38c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /gOrTztJymIBgB0hri867Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1208
reporting-endpoints
x-fb-debug: nKvY3CVMPbTwwITnBb2gTdTGnzoX2dfgciI5pZHdz5lOipVQJ8XoE+3hyQ1OYPi5fhrUnAoqzW493zAh3vdRxQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=0
expires: Wed, 27 Nov 2024 02:00:06 GMT

GET
H3 200 9dN_FA4mMHO.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/yV/l/en_US/ Frame A5B7 7 KB
3 KB 12ms
11ms Script
application/x-javascript 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yV/l/en_US/9dN_FA4mMHO.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1cdfea8482ec87dbfecfc0b3914b3e9d90e2c32f7f601261cc79369092894312

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: m6Kjybcr8DtynOk5chZEYA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2768
reporting-endpoints
x-fb-debug: BbcyuB4pEmZO2vqQ38q7h1bWIdf4EMWngXDz7iPVlZUBgqddRMYsfj0WK753K767kSVz0bYXEXBAARSkWF/HNA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=1
expires: Thu, 05 Dec 2024 17:58:18 GMT

GET
H3 200 LkMD_RZF8jy.css
static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/ Frame A5B7 20 KB
5 KB 11ms
10ms Stylesheet
text/css 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/LkMD_RZF8jy.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6871de12df8d1d3da3dff8d6370933ba3630a6e9ce19bf93eca651967a221c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: rQ6y8Q+a67+IAU26MAyLYQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5322
reporting-endpoints
x-fb-debug: 4Rr8wfaUgkDjKGrcgQEpT2l0CvPRswF4Exl79/Q4G85KWmH/gswsVK0oHUtPt2ztP554GoQUmi1XFSmJIoWtWA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=0
expires: Sat, 07 Dec 2024 14:19:21 GMT

GET
H3 200 RBd9zOUieH7.css
static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/ Frame A5B7 47 KB
10 KB 11ms
10ms Stylesheet
text/css 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/RBd9zOUieH7.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

431486b008ef8dcacc621c3f8fd446b9a43db474fc6e1766b4189d71984acfa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QDW3Rfz0SFYiygPDvO4N+w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10209
reporting-endpoints
x-fb-debug: mzb5VZsT33rnhlCfjfNv9ZnHwgN76F7OyJd/rs4hLx/I70wjCrZ0XcqrgTh0g3FKBFgWx4xyG2prNEFngfGszw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=0
expires: Fri, 06 Dec 2024 20:59:25 GMT

GET
H3 200 / Show response
www.facebook.com/ajax/bootloader-endpoint/ Frame A5B7 14 KB
3 KB 112ms
112ms XHR
text/javascript 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/ajax/bootloader-endpoint/?modules=VideoSettingsControl.react&__user=0&__a=1&__req=2&__hs=19700.BP%3Aplugin_video_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1010316377&__s=%3A%3Am62wpw&__hsi=7310458436209378284&__dyn=7xeUmKewgUng5KbwKBAodo6C2i5U4e1Fx-ewPG323616whoS2S2bwmo3vx60Vo8olwe21wKE4W15w8i0KEswIwuo667Uy1nzUmw5Cx62G3i0ha2l2Utw78waOfwbK0RE5a1qw8W5U4q0HUvw4Jwp8ow46wbS1Lwqo2Ywcq0mW&__csr=&locale=en_US&__sp=1

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/JS2LsxE-gw3.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c346d5e96953d555abbdea4928b180190eba2dcb46648409d66ca05c1e3594ed

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df84c4bac08f08c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff3cf7d59573fa3c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Flittleroom9488%2Fvideos%2F892048002234656%2F&locale=en_US&sdk=joey&show_text=false&width=280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sat, 09 Dec 2023 05:12:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: HxxwHDCNBL6NqSIWhFW7Sw+SPMX+fDTRZcGqmloPjTrzKF728EwtPapcQm0+jkyZ6oBTE+KSbpZ/xrUnzfyqvg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/video/unified_cvc/ Frame A5B7 267 B
336 B 118ms
117ms XHR
application/x-javascript 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/video/unified_cvc/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7M54/ys/l/en_US/aQFKd1NFgFT.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

52dc9ddbdea0b924ead72a50b9cdd6a9423f1b77a4042251aa6966246a20e09c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: SXkQqIIqWVHOmCxk66QdHZ
Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df84c4bac08f08c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff3cf7d59573fa3c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Flittleroom9488%2Fvideos%2F892048002234656%2F&locale=en_US&sdk=joey&show_text=false&width=280
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 05:12:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: SoI89xRKlXh4YAtuxTwBKDXUa3czCM6lHdaM5WXeZruhCAOd3R1qc8O2p3Y3m6RZFYg1tMd7wK2qB/mqHWdIzA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 008A 0
0 45ms
44ms Image
text/html 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312040101&jk=895608150269518&bg=!5Oel56jNAAY3kmNgF5I7ADQBe5WfOOzfKT7DI5p6m9Hnv3USDgSgxfyCs5ZUz6QvJ1ZM9abSk8KiFEeDGwroaAd-wWZjAgAAAKBSAAAAA2gBB5kDGU29U98zQSSyqnS1RdDzEC3_EiyjDmpPd7NG0vchwgfd2jV-QqpthAlGZRbC-bgHLhX3tVLjyeH5EvuUp2yptxIcqUIWDb7FB5aUL5_vJjVr6TfkplK82Q_A716CEVVVrynM9lShmZJpCJ42-i6ac5THQIpKwgPIpgZgKKvlpco_SoWGgHSXcKxnnTrCDtXKpxkS1jH_XznCFp-1XqLKoj6a5tdKT8SRgsDxcU6TLS6XAXZvC1gBmP5ytz9f4qWImChPOzY_4ph9Wy2HR19qvnAGTnvsqw24xrPrP9vFfkMfZnapm1aQU8Whj4P1cyInuUIOTsQwkfEI7eXuxmW3v9qARhjZEMt1AvEdra80lN_YH77MU1_8H35o1z4dHKjGQrMFGVWA-hgktOi9GCOSQYAw-Myd-Ipwm7KW9imfvC7Al4nqpjL_hWju46woeA79orSRCJqzIETm4gSZX1p978pMV1DRHZnXCyryV5Wt1qele_aFi-jD66YnaYZhD1mIRwmAyBFj7LFMYQqENj8nrR0tLhQyI4_uR6Q9RdGy1-wExpOW63qgSz0ZEPTYIJm1msGDDPHmoABQHb1xHcgc4giX_DFoRi5SL5_-r9Cggypqt1hJagWIfUsgCt7j5B697ETaIzSfL9ycRyh7B-c9mvnYL07xSbPMuHfO0kMBFPNGYh9HWaY7O2iKzsc2KCW2RePOP2rwlNYcwXyG5gAEiHCMA4r6Z4zq509wRWCziY26P01vf1VUxhBq4EQPF-VRxhyqtg-vk6WBUAYaQ-qmW_lnnfq2-gojp3v0xpjV_H1OEvbGNIWVjowG-NUSaZGHmv0MzYjHFMPyo0wr33PG2lx3GUmv4IZFRhX7GWu36u1qZKsslO67FkmUpuisWu1WrgXakNK7_6Jh1qcAq-Y3bCik7uTX-94-erCK1zqnqx2D8x5rd_rO8l3-6cLfAYtF65JX8cHL463vPHB7N8Z4QGjuxSIuGCUAUwvneNQ51zMXTuWVxcq5V4tkAk6zpDjW-eaHY57Nj00nqA9SWmf1qy0Xj2Fokh67NsQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 0L5gppRlswe.png
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame A5B7 404 B
541 B 3ms
3ms Image
image/png 2a03:2880:f00f:104:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/0L5gppRlswe.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/F4j9B2xJ1Ib.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f00f:104:face:b00c:0:3 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b22620fc4d630726cb3f47fac6ade45801e71c9d90dc6ab148e51dbcc910944e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/F4j9B2xJ1Ib.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Sat, 09 Dec 2023 05:12:25 GMT
x-content-type-options: nosniff
content-md5: bDizLuK+pYt04fjxlQ20xQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 404
reporting-endpoints
x-fb-debug: 8vnvIy5O2TMNYe/EFjlhhkGxW9mOqhkq4cBvHkP+jthJnQEbLKGZNwIFsEAtN+1/7bU0fvCiysyFlaEaFbfeew==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 07 Dec 2024 09:22:47 GMT

POST
H3 200 bz Show response
www.facebook.com/ajax/ Frame A5B7 0
113 B 103ms
103ms XHR
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmKewgUng5KbwKBAodo6C2i5U4e1Fx-ewPG323616whoS2S2bwmo3vx60Vo8olwe21wKE4W15w8i0KEswIwuo667Uy1nzUmw5Cx62G3i0ha2l2Utw78waOfwbK0RE5a1qw8W5U4q0HUvw4Jwp8ow46wbS1Lwqo2Ywcq0mW&__hs=19700.BP%3Aplugin_video_pkg.2.0..0.0&__hsi=7310458436209378284&__req=4&__rev=1010316377&__s=%3A%3Am62wpw&__sp=1&__user=0&dpr=1&jazoest=21909&locale=en_US&lsd=SXkQqIIqWVHOmCxk66QdHZ

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/3_USCBHvE2b.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df84c4bac08f08c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff3cf7d59573fa3c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Flittleroom9488%2Fvideos%2F892048002234656%2F&locale=en_US&sdk=joey&show_text=false&width=280
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryBgwF63ImaW7ndUsT

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 05:12:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: u83rbAamY4m6W3AplEhuCCcKSsUh7DkeCKbnBauGQpk1sNNxjmpflH0sQx0wDhLDXKf4epIc5mPYyyH4Vxljtg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
access-control-allow-methods: OPTIONS
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
vary: Origin
content-type: text/html; charset="utf-8"
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 767580065410423_0-8924.m4a Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/ Frame A5B7 8 KB
8 KB 243ms
243ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/767580065410423_0-8924.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 9f0711988fa186087549796f7f0e3c6e286f72ae0a00fa6546b6c74bcf9360dd

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:25 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 8636
x-fb-ull-ssbwe-v3: conservative:57267;mean:57267;aggressive:64224
x-fb-first-keyframe-offset: 168
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:54304;conservative_median:54304;aggressive:64224
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 25
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-pst:5457

GET
H3 200 767580065410423_0-8924.m4v Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/ Frame A5B7 20 KB
21 KB 242ms
242ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/767580065410423_0-8924.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: c82e9c1a93712f22aba9d1d49b8f87063d8862eedabcfbec26efc21a6dc352d8

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:25 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 20960
x-fb-ull-ssbwe-v3: conservative:57267;mean:57267;aggressive:64224
x-fb-first-keyframe-offset: 1022
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:54304;conservative_median:54304;aggressive:64224
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 24
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-qd:5547

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0D20 42 B
64 B 44ms
44ms Fetch
image/gif 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUI1pzr7EOUeJb-AmflxhE-cCKTXFDRFN0Ja7Rx80shIEeVEeELw8aV84eDsA35qgYlZg46ERq_elKyh7AkPNGgmwFemLH7gKqyURevzw4Ab3dbZCgeY8p3ylx3IbDXp7DIKVxczEAjjkbub6m-VBz8xwXrC3QxmPQSQ00X54IA_O_w46K9ccL4rF4BWrZClcMl-vhzWjo3OBlXvdBQGHPhDnOV7rziM5GwioZmBFSGPJYqbYodARGFGOcNRcEMkvtwQsMQElnZnz-dADusfq_FMD9hK5BmG_Sus894C71r4JJlvAAtli_9R_Gsd_u2ewZrp0_G-RJL8kFvKNsKdc-ZVbvc27E8aty_fku1ywxWbgvLbRtMC96dQoNE-AAC90oY4P7-zkdDcc8CjwlVKN7V_2HRWveTXikLDKwz50bcLKaVDdeIkOr8XxPS5O8WWCrCV3-oypvuDQi7UuBs4eK4_DT01LxIR_mHtzx8VHwxwItjFz8yVLbRkeVV-0UTY7m8thDnPPG2ydjLh5AnPPae0-jhezqafTTkBNy54wNSJqC_i2DE1DOiUf7ZptC-MyvTGqmH7TKdjVF_wZByzv4oT1fdmgIaE62Rzijz6t4ueiBAo8lFJOeoKELWh5H_AnuPnjr2EQBWjY5Kis9MJW1uPfM-TQltbyWWQpohuwnKS2BdPpSIZMV0hZ4-Q-y2SNLzi5GokP5G3S1h1ybm8Acxs3pHkfWeW2Hhaw8tgW1GSS3cb_r587VwjORN91NPSo6iGYpI5_svDTco1ljn692xzj3I5NIVH8jNgkntahDxT77YVhGjc8rWIhmLYd50mJGlQhje04SS9dx4dZub2hBL6jAUbmeJmUuEwHfpxtmR1uebFpxsE9wIkhZ7W2SDI2F3bAe2Kwttcuzqu1fqurzCgt6vpHq-Vu1uLLiKO2_DURY1qorR4qm6jVviHgIS6LAKZKhHmG1LrErMjsVxz2VcOBC4tVIjdtFqjsCaPiwx77sZONYHZWwED_BILHZI1O3D4dOfl2kG-rpsHHgA_3BkjklOo3IV9RL7iW9GDAeQjorcfDC1YHvOt4khIoFrpmElTXG64LrpCHsTO59hh2uPonk3IJF2-i0yKtGJVo_bCh4yl9UHUXRe4bMpX8kNUVnDn7RUv03m7Os9VtzpP7OuOqA1LBkf11W-51hEn8YOY2z9a06d4aQajpRSA6MlNZoGE7IxXTSuWlAhhOhg0FNiDLE_OB8zTr3_ZMPjuoDTFoXTXWwVquA_dsVKFd83lyclQk95rFz8o5dy12mdK3rWnh6i6h43W9ZA48B7gt2eueLUO6hIq2Azm88b5o6Cosc7BUpjacBM2oMWGuahLIfYF6pJEnFAbFLydzVnHl-VzMhx4P__YttpYvD2uv7-nkSqaD3jT0s8VXWRWM1x5bFr3hqos-4FncZmYNhBt7QMyynzqKQRmGXLiGOJk0a0GBNy5D0k4mpT2pIcI5kE6JFEV9HHwXZ6xatL6UBkyYKl3EYDf52vIcVhwNJHS5mlzqxcF4zA4pUsvkBTxQ0X1jYN_9v&sai=AMfl-YTaO2gbV67sny22jDqk2JNW6OKRvoCWqtHRCDloUq7U6uRu1ft0PhIYEfeb0LI5yY7e1UaCHOtV1gJNWSg2ymAfH0p7nHsjEau0SObiQIf0_uOT5n8SmpeKQZAafsSqakPpAK-pFJQl24vSVsdM_8HvKvY&sig=Cg0ArKJSzPWiUiPK9YOdEAE&cid=CAQSOwDICaaNxjGvv9qttXzkAq_lBfyAf3QE1CdFvn3yL0kTwA2OQijwxSf857k2GjoaFvgc73zZQWpksYMtGAE&id=lidar2&mcvt=1000&p=358,640,458,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1212019568&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702098744323&rpt=179&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2513 0
20 B 38ms
38ms Ping
image/gif 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7231386329952&version=m202309260101&ct=77&x=1&cor=11418607384701354000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 767580065410423_0-8925.m4a Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/ Frame A5B7 8 KB
8 KB 241ms
241ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/767580065410423_0-8925.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a184089566542414726d4d250362bf0434d2dba1ac6714ff61ace72838d6c60e

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:25 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 8648
x-fb-ull-ssbwe-v3: conservative:148300;mean:148300;aggressive:333224
x-fb-first-keyframe-offset: 166
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:64224;conservative_median:64224;aggressive:333224
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 22
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-pst:5702

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F17 0
0 46ms
45ms Fetch
image/gif 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssobglYq3a-q-o06AfknYw-lcUd50kGVhwyb7vj4ScqtsEiaBbPtFFc2QD21Kc_S3L_WE4PkpTEVl9GGWjnpcxzqRyaHosW_OD5jKyXamg8m0RBo9b7fjsRNp_jg8dCNFRY8h3JdtwYS8-i56BMOhxSeHMvzrEICxNGWVawd2zhzXLe6OYsd4nPgFivQab5LbpKjRfTPFyyWU4wAUFmlTwSg-JlmLW3YUkByVzmVUFSDaohIwIRCxBa0sKrkSFTmu3vsjdfP8M_vQBaoxSpQ7sbYJ3j5xspu_CbX56TGUdk0SBvG-vsF91H4RoEKMmhXNYP7hdOuwv36m7UQJYTvVwW317Z3fgd02w2FaYEqhIAufPvedlTf6IRKtsGK2Zl3uc&sai=AMfl-YS35PrrxSKkpX-cT6gUxPbxIO3XS165fMsERqFCwssO0_Ehwx6mhyQZDnfc8K9mlCEs7JnIHmL5iH1M-uNhBUWpMWwwdaX-8I6CwF_A4ycuwoT-rY_7dv0xgUrYe42mf0dBT2B_TwIYIZq8o5N0NB_sCA57us0J09LLGQ&sig=Cg0ArKJSzFcEW2Fp43yUEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 05:12:25 GMT

GET
H3 200 767580065410423_0-8925.m4v Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/ Frame A5B7 19 KB
19 KB 241ms
240ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/767580065410423_0-8925.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 3f8203c75a4508917b2461095aa696018c6d004f15e12b78c331041412f699f0

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:25 GMT
x-fb-ull-ssbwe-v4: p25:77042928;p50:77042928;p75:77042928
x-fb-ull-ssbwe-v4alt: p25:77042928;p25bis:77042928;p50:77042928
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 19572
x-fb-ull-ssbwe-v3: conservative:406448;mean:406448;aggressive:886752
x-fb-first-keyframe-offset: 248
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:347072;conservative_median:347072;aggressive:886752
x-fb-ull-ssbwe-v4scaled: p25:57782196;p50:57782196;p75:77042928
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 21
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-qd:5924

GET
H3 200 767580065410423.mpd Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/dash-abr3/ Frame A5B7 11 KB
2 KB 220ms
219ms Fetch
application/dash+xml 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/dash-abr3/767580065410423.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfDLL_ZRriujyvKm-xGUOnmzClDmL1NtllS9kT_l5hqA5Q&oe=6575DEFD
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 25b5706624b74cb820dbf44a7c9176315eb80777e788f87d3fcc0ef985d0a7dd

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:25 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1702098743
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
x-fb-latest-segment-ts: 8854216
alt-svc: h3=":443"; ma=86400
content-length: 1533
x-fb-origin-hit: 1
etag: 8f41a8aefe69259b3973425669b5dd98
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
accept-ranges: bytes
timing-allow-origin: *
priority: u=1,i

POST
H3 200 bz Show response
www.facebook.com/ajax/ Frame A5B7 0
115 B 101ms
101ms XHR
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmKewgUng5KbwKBAodo6C2i5U4e1Fx-ewPG323616whoS2S2bwmo3vx60Vo8olwe21wKE4W15w8i0KEswIwuo667Uy1nzUmw5Cx62G3i0ha2l2Utw78waOfwbK0RE5a1qw8W5U4q0HUvw4Jwp8ow46wbS1Lwqo2Ywcq0mW&__hs=19700.BP%3Aplugin_video_pkg.2.0..0.0&__hsi=7310458436209378284&__req=5&__rev=1010316377&__s=%3A%3Am62wpw&__sp=1&__user=0&dpr=1&jazoest=21909&locale=en_US&lsd=SXkQqIIqWVHOmCxk66QdHZ

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/3_USCBHvE2b.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df84c4bac08f08c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff3cf7d59573fa3c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Flittleroom9488%2Fvideos%2F892048002234656%2F&locale=en_US&sdk=joey&show_text=false&width=280
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryLE5x8lKD5Evo3fSP

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 05:12:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: IxoKc9MgRl74tCI77/5pngvjzvy7/PIySfVzKTAQXIxzVfTp47hvaWjnVnBRJJNsbsbC9HAJZfsnEyvMjxIDkQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
access-control-allow-methods: OPTIONS
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
vary: Origin
content-type: text/html; charset="utf-8"
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6F17 42 B
64 B 42ms
42ms Fetch
image/gif 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshZGQWPOmXuZ_UkyDTtNABV96xk83veqVnkTiX_67irXpsYxMOysXYkB5YdSIJri-ly50YkMzVqrIwKV_lkXJRFvbQDQlj0Fzivl3z-6EbgfZ7zjdjCdxKSGm0VXPaYbtxEiYdcC0CFA&sai=AMfl-YSI030ZHELgT4dazuHjcrzrbdOMyqqo_cOBfVe79VzzWtMJSNg&sig=Cg0ArKJSzLFp4CbpuZ7OEAE&id=lidar2&mcvt=1000&p=358,640,462,960&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=0.96&vu=1&app=0&itpl=19&adk=3271617715&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702098742027&rpt=3694&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 767580065410423_0-8926.m4a Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/ Frame A5B7 9 KB
9 KB 240ms
239ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/767580065410423_0-8926.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b829d9564b5bb0476d1ce2f00b4db8e81a3ef18e7cc1559435c751fb051f8d03

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:26 GMT
x-fb-ull-ssbwe-v4: p25:77042928;p50:77042928;p75:77042928
x-fb-ull-ssbwe-v4alt: p25:77042928;p25bis:77042928;p50:77042928
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 8713
x-fb-ull-ssbwe-v3: conservative:470861;mean:470861;aggressive:919112
x-fb-first-keyframe-offset: 165
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:470861;conservative_median:494344;aggressive:919112
x-fb-ull-ssbwe-v4scaled: p25:57782196;p50:57782196;p75:77042928
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 20
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-pst:6976

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 43ms
42ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702098741161&gcd=11l1l1l1l1&dma=0&cid=778870899.1702098741&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1702098741&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&_s=3&tfd=6145
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 767580065410423_0-8926.m4v Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/ Frame A5B7 17 KB
17 KB 238ms
238ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/767580065410423_0-8926.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: a14d72f572a34d710cf536cdc6d0bff83d7477bbace6b252d837f7baa11aa6ef

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:27 GMT
x-fb-ull-ssbwe-v4: p25:77042928;p50:77042928;p75:77042928
x-fb-ull-ssbwe-v4alt: p25:77042928;p25bis:77042928;p50:77042928
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 17222
x-fb-ull-ssbwe-v3: conservative:470861;mean:470861;aggressive:919112
x-fb-first-keyframe-offset: 174
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:470861;conservative_median:494344;aggressive:919112
x-fb-ull-ssbwe-v4scaled: p25:57782196;p50:57782196;p75:77042928
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 19
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-qd:7190

GET
H3 200 767580065410423_0-8927.m4a Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/ Frame A5B7 8 KB
8 KB 242ms
241ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/767580065410423_0-8927.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 4f3fabf22cd724097683f4812bc7155a14238954e0af048d1cb9e7e3877627c7

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:27 GMT
x-fb-ull-ssbwe-v4: p25:77042928;p50:77042928;p75:77042928
x-fb-ull-ssbwe-v4alt: p25:77042928;p25bis:77042928;p50:77042928
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 8583
x-fb-ull-ssbwe-v3: conservative:413662;mean:413662;aggressive:919112
x-fb-first-keyframe-offset: 160
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:399368;conservative_median:399368;aggressive:919112
x-fb-ull-ssbwe-v4scaled: p25:57782196;p50:57782196;p75:77042928
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 23
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-pst:7225

GET
H3 200 767580065410423.mpd Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/dash-abr3/ Frame A5B7 11 KB
2 KB 234ms
233ms Fetch
application/dash+xml 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/dash-abr3/767580065410423.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfDLL_ZRriujyvKm-xGUOnmzClDmL1NtllS9kT_l5hqA5Q&oe=6575DEFD
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d795104f4c3506644a68755d54245dbf07b4429b675d4871eaca97ff525a79c9

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:27 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1702098747
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
x-fb-latest-segment-ts: 8858216
alt-svc: h3=":443"; ma=86400
content-length: 1545
x-fb-origin-hit: 1
etag: 98f04444c71c21247b5e4cf5e7be3169
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
x-fb-edge-debug: 0kr6Inb5Q_VfMflk5NQIqatEWsoentQaw3spjQ0SP5Qriuh9A59irywDiHOLR04JwbKWYDg9jZTaHhW7iiuwCFngmrjh0pIogPwuvpwrSn5FL_8qw2aQJgz11HHXyz6j
accept-ranges: bytes
timing-allow-origin: *
priority: u=1,i

GET
H3 200 767580065410423_0-8927.m4v Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/ Frame A5B7 21 KB
21 KB 241ms
240ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/767580065410423_0-8927.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 088a6a1a7650bfa40675aa7302a13a6dc9e70019a4760bb851305900ece56e0f

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:27 GMT
x-fb-ull-ssbwe-v4: p25:77042928;p50:77042928;p75:77042928
x-fb-ull-ssbwe-v4alt: p25:77042928;p25bis:77042928;p50:77042928
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 21058
x-fb-ull-ssbwe-v3: conservative:398252;mean:398252;aggressive:919112
x-fb-first-keyframe-offset: 648
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:347072;conservative_median:347072;aggressive:919112
x-fb-ull-ssbwe-v4scaled: p25:57782196;p50:57782196;p75:77042928
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 22
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-qd:7451

GET
H3 200 767580065410423_0-8928.m4a Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/ Frame A5B7 8 KB
8 KB 239ms
239ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/767580065410423_0-8928.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: ddd1032737e734248b9c62a3efa77af6c6a2f8c0502b072e33a76f579be849d9

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:27 GMT
x-fb-ull-ssbwe-v4: p25:77042928;p50:77042928;p75:77042928
x-fb-ull-ssbwe-v4alt: p25:77042928;p25bis:77042928;p50:77042928
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 8485
x-fb-ull-ssbwe-v3: conservative:413956;mean:413956;aggressive:919112
x-fb-first-keyframe-offset: 171
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:366512;conservative_median:366512;aggressive:919112
x-fb-ull-ssbwe-v4scaled: p25:57782196;p50:57782196;p75:77042928
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 18
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-pst:7473

POST
H/1.1 204
No Content event.png
tpsc-ae1.doubleverify.com/ Frame 4E33 0
345 B 108ms
94ms Ping
text/plain 34.149.43.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ae1.doubleverify.com/event.png?impid=f1b96922575048afbe16f27112c485ca&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_asmm=1&vdur=783&eoid=17&te_exec=0&msrjs=5084&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=0&tetms=6&msltms=7&vltms=783&sei=289&vetms=24&tuviims=94&tuviems=901&engms=1&engisel=1&ee_dp_ddtes=2&dvp_dtcov=4&sim=3&msrcanlm=392&msrcannum=3&ee_dp_tmads=2930&ismms=42&isumms=41&nvr=6&isgmmims=42&isgmv4mims=42&elmtp=6&isbxdms=2842&b0=100&b11=2937&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=3037&sftb=3037&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=942&isuiabvms=942&isgmpims=151&isgmv4dpims=942&ispmxpms=942&engalms=40&dvp_dpr=1&vstsz=739&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3827
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5084.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com
Pragma: no-cache
Date: Sat, 09 Dec 2023 05:12:27 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2023-12-08T05:12:27

GET
H3 200 767580065410423_0-8928.m4v Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/ Frame A5B7 19 KB
19 KB 240ms
240ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/767580065410423_0-8928.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6f95142f9850a067169d02c3070797574f98fdbb5222e54036578b89533ccee5

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:27 GMT
x-fb-ull-ssbwe-v4: p25:6918488;p50:6918488;p75:77042928
x-fb-ull-ssbwe-v4alt: p25:6918488;p25bis:6918488;p50:6918488
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 19698
x-fb-ull-ssbwe-v3: conservative:449056;mean:449056;aggressive:1099848
x-fb-first-keyframe-offset: 234
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:408568;conservative_median:408568;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5188866;p50:5188866;p75:77042928
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 21
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-qd:7718

GET
H3 200 767580065410423_0-8929.m4a Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/ Frame A5B7 8 KB
8 KB 243ms
242ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/767580065410423_0-8929.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 7150ea550246636012cf6362f6889e23f7edbf7ec248ec9bac4cb0c1601574a1

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:27 GMT
x-fb-ull-ssbwe-v4: p25:6918488;p50:6918488;p75:77042928
x-fb-ull-ssbwe-v4alt: p25:6918488;p25bis:6918488;p50:6918488
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 8636
x-fb-ull-ssbwe-v3: conservative:449056;mean:449056;aggressive:1099848
x-fb-first-keyframe-offset: 157
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:408568;conservative_median:408568;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5188866;p50:5188866;p75:77042928
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 22
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-pst:7726

GET
H3 200 767580065410423_0-8930.m4a Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/ Frame A5B7 8 KB
8 KB 244ms
243ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/767580065410423_0-8930.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 2bda3203f7cc09f262a5eee2a7a807726bf99e5bc8d32054bdc8c2d14d6e2373

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:28 GMT
x-fb-ull-ssbwe-v4: p25:6918488;p50:6918488;p75:77042928
x-fb-ull-ssbwe-v4alt: p25:6918488;p25bis:6918488;p50:6918488
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 8626
x-fb-ull-ssbwe-v3: conservative:451314;mean:451314;aggressive:1099848
x-fb-first-keyframe-offset: 173
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:408568;conservative_median:408568;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5188866;p50:5188866;p75:77042928
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 24
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-pst:8004

GET
H3 200 767580065410423_0-8929.m4v Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/ Frame A5B7 19 KB
19 KB 246ms
246ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/767580065410423_0-8929.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: b9ab3d81dea651a33a7e2351a75c32eb2a4168b184f5a06c6b94d621c5fc49a2

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:28 GMT
x-fb-ull-ssbwe-v4: p25:6918488;p50:6918488;p75:77042928
x-fb-ull-ssbwe-v4alt: p25:6918488;p25bis:6918488;p50:6918488
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 19213
x-fb-ull-ssbwe-v3: conservative:451314;mean:451314;aggressive:1099848
x-fb-first-keyframe-offset: 175
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:408568;conservative_median:408568;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5188866;p50:5188866;p75:77042928
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 22
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-qd:8007

GET
H3 200 767580065410423_0-8931.m4a Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/ Frame A5B7 8 KB
9 KB 244ms
244ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/767580065410423_0-8931.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 38c571ac732d295550d31160985c31fb614f41426a897c2554820fb0a76953ca

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:28 GMT
x-fb-ull-ssbwe-v4: p25:6918488;p50:8197280;p75:77042928
x-fb-ull-ssbwe-v4alt: p25:6918488;p25bis:6918488;p50:8197280
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 8703
x-fb-ull-ssbwe-v3: conservative:444058;mean:444058;aggressive:1099848
x-fb-first-keyframe-offset: 177
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:399368;conservative_median:399368;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5188866;p50:6147960;p75:77042928
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 24
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-pst:8257

GET
H3 200 767580065410423_0-8930.m4v Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/ Frame A5B7 20 KB
20 KB 239ms
239ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/767580065410423_0-8930.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 0729f4b9f399f903a95c759116e3e52a57df9fcb6e837b4b79cd712c4d380996

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:28 GMT
x-fb-ull-ssbwe-v4: p25:6918488;p50:8197280;p75:77042928
x-fb-ull-ssbwe-v4alt: p25:6918488;p25bis:6918488;p50:8197280
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 20456
x-fb-ull-ssbwe-v3: conservative:444058;mean:444058;aggressive:1099848
x-fb-first-keyframe-offset: 684
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:399368;conservative_median:399368;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5188866;p50:6147960;p75:77042928
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 19
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-qd:8276

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/dash-abr3/767580065410423.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfDLL_ZRriujyvKm-xGUOnmzClDmL1NtllS9kT_l5hqA5Q&oe=6575DEFD
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d795104f4c3506644a68755d54245dbf07b4429b675d4871eaca97ff525a79c9

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:28 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1702098747
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
x-fb-latest-segment-ts: 8858216
alt-svc: h3=":443"; ma=86400
content-length: 1545
x-fb-origin-hit: 1
etag: 98f04444c71c21247b5e4cf5e7be3169
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
accept-ranges: bytes
timing-allow-origin: *
priority: u=1,i

GET
H3 200 767580065410423_0-8932.m4a Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/ Frame A5B7 8 KB
8 KB 244ms
243ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/767580065410423_0-8932.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 8f84c8fdb90e83e4d389f5b04bc7489ba7c6f6e8dd103cebbc6455583ded892d

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:28 GMT
x-fb-ull-ssbwe-v4: p25:6918488;p50:8197280;p75:77042928
x-fb-ull-ssbwe-v4alt: p25:6918488;p25bis:6918488;p50:8197280
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 8567
x-fb-ull-ssbwe-v3: conservative:435153;mean:435153;aggressive:1099848
x-fb-first-keyframe-offset: 155
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:386328;conservative_median:386328;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5188866;p50:6147960;p75:77042928
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 24
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-pst:8510

GET
H3 200 767580065410423_0-8931.m4v Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/ Frame A5B7 20 KB
20 KB 243ms
242ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/767580065410423_0-8931.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 49d0183533c76825255eca7d3fb5300a1fce83f40b4d49ad571cd48ea47478ff

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:28 GMT
x-fb-ull-ssbwe-v4: p25:6918488;p50:8197280;p75:77042928
x-fb-ull-ssbwe-v4alt: p25:6918488;p25bis:6918488;p50:8197280
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 20049
x-fb-ull-ssbwe-v3: conservative:441485;mean:441485;aggressive:1099848
x-fb-first-keyframe-offset: 288
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:386328;conservative_median:386328;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5188866;p50:6147960;p75:77042928
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 23
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-qd:8545

GET
H3 200 767580065410423_0-8933.m4a Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/ Frame A5B7 8 KB
8 KB 239ms
239ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/767580065410423_0-8933.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 70b310e88ed7a4911d8c9445532a2c4e1cacb7f5bde144a3248abab4467cf82d

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:28 GMT
x-fb-ull-ssbwe-v4: p25:6918488;p50:8197280;p75:77042928
x-fb-ull-ssbwe-v4alt: p25:6918488;p25bis:6918488;p50:8197280
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 8635
x-fb-ull-ssbwe-v3: conservative:450702;mean:450702;aggressive:1099848
x-fb-first-keyframe-offset: 166
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:399368;conservative_median:399368;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5188866;p50:6147960;p75:77042928
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 21
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-pst:8761

GET
H3 200 767580065410423_0-8932.m4v Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/ Frame A5B7 18 KB
18 KB 238ms
237ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/767580065410423_0-8932.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: defdeb74bd66a9bd8ea1c46e680cacd232b8983d2285f329d4dabe8944e646a7

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:28 GMT
x-fb-ull-ssbwe-v4: p25:6918488;p50:8197280;p75:77042928
x-fb-ull-ssbwe-v4alt: p25:6918488;p25bis:6918488;p50:8197280
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 18576
x-fb-ull-ssbwe-v3: conservative:458493;mean:458493;aggressive:1099848
x-fb-first-keyframe-offset: 231
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:408568;conservative_median:408568;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5188866;p50:6147960;p75:77042928
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 20
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-qd:8810

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 63C8 0
0 42ms
41ms Fetch
image/gif 2404:6800:4004:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1W8Dmj21BQAH3qRTjIYvmxYgnVLBHPNoPm17ru9K2YFWYxUiyJYMdhPi2ecolrAT69E130DQ8P8lARKPdaGODu1eicA5vIaGP2QBDKuYYeZDBnl-eeNhizY_pF3jmWcex3vz7JaVREVQM8E1UKvEJMaisXoV_8o-8YY8FZu8WTxjZpM3aXmkEcOiITQ4nY3kS5MJ79L1EZ9yP9h75xr75tWSBWTScvPpKWuv0Zzsez7KLMIJl56CP6e_LIAHDjaOOtgY6w_YI2PXXZxwBZ245kZJuF251po42NKxuKVTntsZ81vinnMbp_LqIHiuxB4Iq6v-0R7uRr4BRl_zISo09eLKGWHiTF1ZLXCHQuNLyztxLIhLvyEWWQ3UpPiyWsKY&sai=AMfl-YRksvLSFGmVchffSPQYWfHHIMp6WGUOJhp5eWOw7puTG83GLYXCqb9gcfEIYwUdco3Jdm2Gfekn3wGXE_RBEjqHo7LMxBWKc2-7UZRFl0xMNErE-Pz9-tHORDdtzAKDjGiWh13IEk0Zc6iyLLzNEEpS_jf-rK0OexuQVA&sig=Cg0ArKJSzCzfp5Wr8chPEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 09 Dec 2023 05:12:28 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 59ms
59ms XHR
application/json 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312040101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ab8f951662285f3a37c746c7b10051bce44b9509d63cd1de19a5d496af30e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12184
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E81B 15 KB
6 KB 165ms
165ms Document
text/html 2406:2600:4::b
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

35aea5afa69eee0a6a77678f980729d3893f8ff4b2872e749c4b7f6375503710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 05:12:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 993997
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 3ms
3ms Image
image/gif 2404:6800:4004:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=669929596&t=timing&_s=3&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=7952&pdt=2&dns=0&rrt=0&srt=53&tcp=99&dit=412&clt=412&_gst=415&_gbt=488&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=778870899.1702098741&tid=UA-102456694-1&_gid=936829273.1702098741&z=449780106

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80b::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 21:54:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 26297
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 48ms
47ms Script
text/javascript 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312040101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Dec 2023 05:12:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D31A 13 KB
5 KB 3ms
2ms Document
text/html 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 2499
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 04:30:49 GMT
expires: Sun, 08 Dec 2024 04:30:49 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4D15 829 B
561 B 44ms
43ms Document
text/html 2404:6800:4004:821::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:821::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6da70f7a4e2663154b5b794fcef3049ccac6ffd9e391d020de739d026844f61b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6x53qvs7TBLzcbZK2wxtVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6x53qvs7TBLzcbZK2wxtVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 05:12:28 GMT
expires: Sat, 09 Dec 2023 05:12:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame D31A 39 KB
15 KB 3ms
2ms Script
text/javascript 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 04:30:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 08 Dec 2024 04:30:49 GMT

GET
H3 200 767580065410423_0-8934.m4a Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/ Frame A5B7 9 KB
9 KB 242ms
242ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/767580065410423_0-8934.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 8ceb83afba1fb55fe9b47c9f5e27264f22f1293f3f7c65f73cdc925792ba013a

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:29 GMT
x-fb-ull-ssbwe-v4: p25:6918488;p50:8197280;p75:77042928
x-fb-ull-ssbwe-v4alt: p25:6918488;p25bis:6918488;p50:8197280
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 8745
x-fb-ull-ssbwe-v3: conservative:468372;mean:468372;aggressive:1099848
x-fb-first-keyframe-offset: 187
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:410072;conservative_median:410072;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5188866;p50:6147960;p75:77042928
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 23
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-pst:9012

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4D15 0
0 41ms
40ms Image
text/html 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312040101&jk=3978633045622365&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H2

200

sid Show response
mug.criteo.com/ Frame E81B
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=1pBJzl96Rm5Zako2b1F4R0F1JTJGWHBGdjBISEUlMkJPcThEU2x6NVFGWTltYWhoZUpORkZSamo3Q0RLR1...
https://mug.criteo.com/sid?cpp=Wa82lHxzQ0d5OWhyNEpDZERFN0VRNkd5VnY4SUJJQWpHWVJaTHFKaXBNNjR4YnBtUVdHVHpOR1BYNmdoV2M1OGMvWXNXSkpoMFJsemlVOFk4K1ozcmJoeTNzaWl0VUNzK1h3NXYwR0ZwTHdUUnY3cDZGUHlIRG1DNUw4OD...

427 B
649 B

149ms
149ms

Fetch
application/json

182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Wa82lHxzQ0d5OWhyNEpDZERFN0VRNkd5VnY4SUJJQWpHWVJaTHFKaXBNNjR4YnBtUVdHVHpOR1BYNmdoV2M1OGMvWXNXSkpoMFJsemlVOFk4K1ozcmJoeTNzaWl0VUNzK1h3NXYwR0ZwTHdUUnY3cDZGUHlIRG1DNUw4ODUxUE5UVkliY1VBNWVUNFlrcGx1eDJ1UThWM0pmTmFna2NQdVZ5Y3BqSHl1d21Dd1FGUEdoaTltZnloQjlZdkJyUU1DVHZwRG9lNjNSdVJESE5vUGF0SDZNNWZtQ0VoL0dyOWtvcXJ3U0VjVkhCVFpMOHlDL1lJcUpNVUcxMFJ0bi84bm5jdjg3QTR5RVRjSytmM3pGTTYraXp2eFRIaXhEVFErT1I5Z01XS2F6dm5qMXVjOD18&cppv=2

Protocol

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

cb7dd37eb910ce389c57bb066311c398651eb3c0401e811b37034dfd3da53b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:28 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1449061
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:28 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=Wa82lHxzQ0d5OWhyNEpDZERFN0VRNkd5VnY4SUJJQWpHWVJaTHFKaXBNNjR4YnBtUVdHVHpOR1BYNmdoV2M1OGMvWXNXSkpoMFJsemlVOFk4K1ozcmJoeTNzaWl0VUNzK1h3NXYwR0ZwTHdUUnY3cDZGUHlIRG1DNUw4ODUxUE5UVkliY1VBNWVUNFlrcGx1eDJ1UThWM0pmTmFna2NQdVZ5Y3BqSHl1d21Dd1FGUEdoaTltZnloQjlZdkJyUU1DVHZwRG9lNjNSdVJESE5vUGF0SDZNNWZtQ0VoL0dyOWtvcXJ3U0VjVkhCVFpMOHlDL1lJcUpNVUcxMFJ0bi84bm5jdjg3QTR5RVRjSytmM3pGTTYraXp2eFRIaXhEVFErT1I5Z01XS2F6dm5qMXVjOD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 267773
content-length: 0
expires: 0

GET
H3 200 767580065410423_0-8933.m4v Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/ Frame A5B7 23 KB
23 KB 243ms
243ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/767580065410423_0-8933.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 3042ac24afeb07bfa4c98ff8c72e3c6c6edd2df2453a7bfce628688c179ec793

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:29 GMT
x-fb-ull-ssbwe-v4: p25:6918488;p50:8197280;p75:77042928
x-fb-ull-ssbwe-v4alt: p25:6918488;p25bis:6918488;p50:8197280
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 23042
x-fb-ull-ssbwe-v3: conservative:473548;mean:473548;aggressive:1099848
x-fb-first-keyframe-offset: 249
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:410072;conservative_median:410072;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5188866;p50:6147960;p75:77042928
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 23
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-qd:9077

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D31A 0
11 B 2ms
2ms Image
text/plain 2404:6800:4004:826::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?p6FZqQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 767580065410423_0-8935.m4a Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/ Frame A5B7 8 KB
8 KB 242ms
242ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/767580065410423_0-8935.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 36ff8515d3b41566e05f3a416cf056c4050bddccc32d2d86cc1738e2b5242833

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:29 GMT
x-fb-ull-ssbwe-v4: p25:6918488;p50:8197280;p75:77042928
x-fb-ull-ssbwe-v4alt: p25:6918488;p25bis:6918488;p50:8197280
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 8598
x-fb-ull-ssbwe-v3: conservative:480200;mean:480200;aggressive:1099848
x-fb-first-keyframe-offset: 159
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:437040;conservative_median:437040;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5188866;p50:6147960;p75:77042928
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 24
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-pst:9264

GET
H3 200 767580065410423_0-8934.m4v Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/ Frame A5B7 21 KB
21 KB 244ms
244ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/767580065410423_0-8934.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 9c943a2788d13a756142039e342eb607dafcad35533681d5da9b8322adfedc0f

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:29 GMT
x-fb-ull-ssbwe-v4: p25:6918488;p50:7648304;p75:8197280
x-fb-ull-ssbwe-v4alt: p25:6918488;p25bis:6918488;p50:7648304
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 21677
x-fb-ull-ssbwe-v3: conservative:485383;mean:485383;aggressive:1099848
x-fb-first-keyframe-offset: 248
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:485383;conservative_median:494344;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5188866;p50:5736228;p75:8197280
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 26
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-qd:9349

GET
H3 200 767580065410423_0-8936.m4a Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/ Frame A5B7 8 KB
8 KB 242ms
242ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/767580065410423_0-8936.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: c750989fbc25788b21007a629c185736a452972c6511fde038bda7767d459abb

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:29 GMT
x-fb-ull-ssbwe-v4: p25:6918488;p50:7648304;p75:8197280
x-fb-ull-ssbwe-v4alt: p25:6918488;p25bis:6918488;p50:7648304
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 8453
x-fb-ull-ssbwe-v3: conservative:494382;mean:494382;aggressive:1099848
x-fb-first-keyframe-offset: 170
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:494382;conservative_median:496984;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5188866;p50:5736228;p75:8197280
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 22
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-pst:9516

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
41ms Image
text/html 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312040101&jk=3978633045622365&bg=!HxylHFPNAAY3kmNgF5I7ADQBe5WfODSjW7wRR694kqmiqD34oIhIQBvxLL3oCz3LITIAx7BPARoIVgfz29lyq16sXk7PAgAAAE9SAAAAAmgBB5kC0Va4yBDKXUkGRoeYIuoGCbHA_4cxvnPShwUrCcXxIkBuW97GZOTJldhUFavtNCgkzZWtC0qMxiDN_07Pvnpm8bYWEPaQmgwTg1CeT48drOSQcNGqt9E46k3CbIkQMXDF90emsphTIa_LVZoUU4n7p-SYZBsM-4GDAa-v-rR-JxnFWQ4NxCsUq-gUnOY__WUQzKO7B72X3XgVB7VbGEB6J9VxDbD9RxJG2YB7aeWUJnlMHtctPECjPri1hF45hYaDg5XnnMYI_kp0Odt4lxay8xDNTQYlThksKFlgHuTYEEJ8DPAQdom9v1JGhx__wA2jH7gtp3GZEVmOzq2jpNrr1yByoz7-5ybxue_DZFcHWuVi0CdhkWygNroZpXYqmexWb2yH5hPCLhxTQRVOzD7a0M9Fb3GsZ66G-yC60FzpUN-Q9FF5emt1HxetiG3jhV3qB6eW3J4FZJv2vnM3XaQ5X2hI8f72OjUTloKmgm26x_fsluMxfnXI4qTm2Tq16OZD4M5n4sBFjDz5Y1SXAVE7tejINYyBzNN0Rasclx__K4hGRV9JJqHp3-QpWHL58hGHucGKvHx0PN8ZWC_H5tADSIC8niF4DngFpkDrhk-PrcXuDxYWEhEh3YIFyXq4GJAF-MV2S6ifbl4XahunZRUn3YTSlAa5eCZI_4BuhoRalBtHNSlvagw4sl7lewB9m-W6X8y3OYftHVlxo-tqaWRjxzRWTHdJmHgvKNTMxLhD1fWuFcS2rYyEJyLTuMitfiazalXZNAbs_OxKV6XXC9AVoy7tq3UNZjkS_PHPKT54VFaEGsZqLVroKixaFCRKvYtr-YUA-iSV2Xm37Ge3X5n6iijcsdnvFgNKa_p6-d8Dbg_Q-yT23QHsz6x5tghUSZAmKgOKAIwBRlMAGEVOJGcDVXeCoHxAETy3VLNHNoCHEndpKIVs3ompmvpfvpArdT_3yBs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 767580065410423_0-8935.m4v Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/ Frame A5B7 15 KB
15 KB 241ms
240ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/767580065410423_0-8935.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 6874fbcda57e7c2f28bbd0961113855436445be49d3f54ee110e6d9233b90ba1

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:29 GMT
x-fb-ull-ssbwe-v4: p25:7337640;p50:7648304;p75:8197280
x-fb-ull-ssbwe-v4alt: p25:7337640;p25bis:7337640;p50:7648304
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 15064
x-fb-ull-ssbwe-v3: conservative:497154;mean:497154;aggressive:1099848
x-fb-first-keyframe-offset: 578
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:496984;conservative_median:496984;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5503230;p50:5736228;p75:8197280
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 21
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-qd:9614

POST
H3 200 bz Show response
www.facebook.com/ajax/ Frame A5B7 0
115 B 102ms
102ms XHR
text/html 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmKewgUng5KbwKBAodo6C2i5U4e1Fx-ewPG323616whoS2S2bwmo3vx60Vo8olwe21wKE4W15w8i0KEswIwuo667Uy1nzUmw5Cx62G3i0ha2l2Utw78waOfwbK0RE5a1qw8W5U4q0HUvw4Jwp8ow46wbS1Lwqo2Ywcq0mW&__hs=19700.BP%3Aplugin_video_pkg.2.0..0.0&__hsi=7310458436209378284&__req=6&__rev=1010316377&__s=%3A%3Am62wpw&__sp=1&__user=0&dpr=1&jazoest=21909&locale=en_US&lsd=SXkQqIIqWVHOmCxk66QdHZ

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/3_USCBHvE2b.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df84c4bac08f08c%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff3cf7d59573fa3c%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Flittleroom9488%2Fvideos%2F892048002234656%2F&locale=en_US&sdk=joey&show_text=false&width=280
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary4gytJ9EX4tJ1Bvw6

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Sat, 09 Dec 2023 05:12:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: PZUUtqp0IXB1nn30SNjIZ+pJiEWjvEmoxCeVWjCq09oGz5oM/mGNm8x4oiAyAjTwKx8Wbtb6Ci7SnD7k/uIYPw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
access-control-allow-methods: OPTIONS
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
vary: Origin
content-type: text/html; charset="utf-8"
priority: u=1,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 767580065410423.mpd Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/dash-abr3/ Frame A5B7 11 KB
2 KB 234ms
233ms Fetch
application/dash+xml 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/dash-abr3/767580065410423.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfDLL_ZRriujyvKm-xGUOnmzClDmL1NtllS9kT_l5hqA5Q&oe=6575DEFD
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 48601a3745a32223aae028789013f254d737a0546e10f8a2ba51f5c0be8eb005

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:29 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1702098749
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
x-fb-latest-segment-ts: 8860216
alt-svc: h3=":443"; ma=86400
content-length: 1530
x-fb-origin-hit: 1
etag: c15eae4ae137415345858616bcde14bf
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
x-fb-edge-debug: x4_JhxMTLNMCEcsVCIuRM7RTH0X6mabjfxdCHLoV1V16W2s4L5VZr-BIZ4yworRpI7CyTcoGUQW84yNrbdbQHabX7qLmFNQkl-y9BGgPIOd3KnS2BiKk_W_gx9vLtCLi
accept-ranges: bytes
timing-allow-origin: *
priority: u=1,i

GET
H3 200 767580065410423_0-8937.m4a Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/ Frame A5B7 8 KB
8 KB 241ms
240ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/767580065410423_0-8937.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 15fdcff5f3b0cff7bf23596386b83f9b5555a0510ac9fc56147dcd9820c610ab

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:29 GMT
x-fb-ull-ssbwe-v4: p25:7337640;p50:7648304;p75:8197280
x-fb-ull-ssbwe-v4alt: p25:7337640;p25bis:7337640;p50:7648304
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 8627
x-fb-ull-ssbwe-v3: conservative:509073;mean:509073;aggressive:1099848
x-fb-first-keyframe-offset: 166
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:509073;conservative_median:510368;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5503230;p50:5736228;p75:8197280
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 22
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-pst:9772

GET
H3 200 767580065410423_0-8936.m4v Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/ Frame A5B7 15 KB
15 KB 238ms
238ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/767580065410423_0-8936.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: c96c8a305afe4fc5fde55acd1029a80025a3477df5e8b020c4cdfce80dc966e5

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:29 GMT
x-fb-ull-ssbwe-v4: p25:7337640;p50:7648304;p75:8197280
x-fb-ull-ssbwe-v4alt: p25:7337640;p25bis:7337640;p50:7648304
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 15166
x-fb-ull-ssbwe-v3: conservative:525005;mean:525005;aggressive:1099848
x-fb-first-keyframe-offset: 708
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:525005;conservative_median:580232;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5503230;p50:5736228;p75:8197280
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 19
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-qd:9872

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 63C8 42 B
64 B 44ms
43ms Fetch
image/gif 2404:6800:4004:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKXMbIz_9Oc1vt0KJBoy9pzTCTn69mA2yconXRWD8u8HK2D0NZYgx7sgC6OGiY4qxU3aswo3dcgWNxxDsStBWCpAmYebrFXjismn4hhoPQ8GeZe932kLM-iFv65qITKVToXRm5T2TwBA&sai=AMfl-YSIiCAA-BYpwaLnRlOuqA1wm6teMtaXM3ybVjBMIsjBqpjFtsY&sig=Cg0ArKJSzJFclnQANgY2EAE&id=lidar2&mcvt=1000&p=108,625,362,925&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=3242553145&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702098742020&rpt=6701&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:81c::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Dec 2023 05:12:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 767580065410423_0-8938.m4a Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/ Frame A5B7 8 KB
9 KB 236ms
236ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/767580065410423_0-8938.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d10460f637964d386e028d7d5077d2db276d413ec7e1ff78cff2eca4db9f7170

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:30 GMT
x-fb-ull-ssbwe-v4: p25:7337640;p50:7648304;p75:8197280
x-fb-ull-ssbwe-v4alt: p25:7337640;p25bis:7337640;p50:7648304
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 8660
x-fb-ull-ssbwe-v3: conservative:544684;mean:544684;aggressive:1099848
x-fb-first-keyframe-offset: 176
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:544684;conservative_median:585920;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5503230;p50:5736228;p75:8197280
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 18
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-pst:0017

GET
H3 200 767580065410423_0-8937.m4v Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/ Frame A5B7 16 KB
16 KB 239ms
239ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/767580065410423_0-8937.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 1dc7894487540e4af670b743df42c1da5e0434b1b1bde51517d212ace98ec230

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:30 GMT
x-fb-ull-ssbwe-v4: p25:7337640;p50:7648304;p75:8197280
x-fb-ull-ssbwe-v4alt: p25:7337640;p25bis:7337640;p50:7648304
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 16435
x-fb-ull-ssbwe-v3: conservative:555310;mean:555310;aggressive:1099848
x-fb-first-keyframe-offset: 163
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:555310;conservative_median:626336;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5503230;p50:5736228;p75:8197280
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 20
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-qd:0130

GET
H3 200 767580065410423_0-8939.m4a Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/ Frame A5B7 8 KB
8 KB 238ms
238ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/767580065410423_0-8939.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: d76b0054f07e4e7679cc3f003bdc4efbd350eff5d60b6a7db66c67cfad408b74

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:30 GMT
x-fb-ull-ssbwe-v4: p25:7337640;p50:7648304;p75:8197280
x-fb-ull-ssbwe-v4alt: p25:7337640;p25bis:7337640;p50:7648304
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 8607
x-fb-ull-ssbwe-v3: conservative:567113;mean:567113;aggressive:1099848
x-fb-first-keyframe-offset: 169
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:567113;conservative_median:643992;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5503230;p50:5736228;p75:8197280
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 18
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-pst:0258

GET
H3 200 767580065410423_0-8938.m4v Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/ Frame A5B7 15 KB
15 KB 241ms
241ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/767580065410423_0-8938.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e9630947a17e1ba0955dcd58b6b08da8a54f26a56fe0e981b29fb1aecffdbc3c

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:30 GMT
x-fb-ull-ssbwe-v4: p25:7337640;p50:7648304;p75:8197280
x-fb-ull-ssbwe-v4alt: p25:7337640;p25bis:7337640;p50:7648304
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 15461
x-fb-ull-ssbwe-v3: conservative:570683;mean:570683;aggressive:1099848
x-fb-first-keyframe-offset: 155
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:570683;conservative_median:648704;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5503230;p50:5736228;p75:8197280
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 20
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-qd:0388

GET
H3 200 767580065410423_0-8940.m4a Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/ Frame A5B7 9 KB
9 KB 238ms
238ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/767580065410423_0-8940.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 39b24bf7502c56d12a6fd67746e7c2e6aec1195d3d8d6543fe16648bf8899cf8

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:30 GMT
x-fb-ull-ssbwe-v4: p25:7337640;p50:7648304;p75:8197280
x-fb-ull-ssbwe-v4alt: p25:7337640;p25bis:7337640;p50:7648304
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 8722
x-fb-ull-ssbwe-v3: conservative:572513;mean:572513;aggressive:1099848
x-fb-first-keyframe-offset: 165
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:572513;conservative_median:657856;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5503230;p50:5736228;p75:8197280
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 19
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-pst:0507

GET
H3 200 767580065410423_0-8939.m4v Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/ Frame A5B7 15 KB
15 KB 236ms
236ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/767580065410423_0-8939.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 91f1b416645ca4991ce0615fd78151d850da08ae041602fc222f56d6d0025df6

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:30 GMT
x-fb-ull-ssbwe-v4: p25:7337640;p50:7648304;p75:8197280
x-fb-ull-ssbwe-v4alt: p25:7337640;p25bis:7337640;p50:7648304
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 15355
x-fb-ull-ssbwe-v3: conservative:567557;mean:567557;aggressive:1099848
x-fb-first-keyframe-offset: 541
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:567557;conservative_median:648704;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5503230;p50:5736228;p75:8197280
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 18
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-qd:0644

GET
H3 200 767580065410423_0-8941.m4a Show response
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/ Frame A5B7 8 KB
8 KB 241ms
240ms Fetch
video/mp4 2a03:2880:f003:101:face:b00c:0:1823
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/767580065410423_0-8941.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a03:2880:f003:101:face:b00c:0:1823 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 431b35d3a246554a88544fc788611ee1bb12a31f1e8b1c308099bc05fc417e60

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:12:30 GMT
x-fb-ull-ssbwe-v4: p25:7337640;p50:7648304;p75:8197280
x-fb-ull-ssbwe-v4alt: p25:7337640;p25bis:7337640;p50:7648304
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
alt-svc: h3=":443"; ma=86400
content-length: 8648
x-fb-ull-ssbwe-v3: conservative:565853;mean:565853;aggressive:1099848
x-fb-first-keyframe-offset: 167
x-fb-origin-hit: 1
x-fb-ull-ssbwe-v3alt: conservative:565853;conservative_median:643992;aggressive:1099848
x-fb-ull-ssbwe-v4scaled: p25:5503230;p50:5736228;p75:8197280
x-fb-video-livetrace-encoding: dash-lp-pst
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 22
priority: u=1,i
x-fb-video-livetrace-parentsource: CDN:elb:M:iad3c02:dash-lp-pst:0758

GET 767580065410423_0-8940.m4v
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/ Frame A5B7 0
0

GET 767580065410423.mpd
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/dash-abr3/ Frame A5B7 0
0

GET 767580065410423_0-8942.m4a
video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/ Frame A5B7 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: scontent-iad3-1.xx.fbcdn.net
URL: https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=081abc&_nc_ohc=AFqS8Ov4x6EAX8lJRBe&_nc_ht=scontent-iad3-1.xx&edm=ADwHzz8EAAAA&oh=00_AfBOJ_r3if1YgL6kGEKOwjGhADez2nDGSn6rljn9nlKuRw&oe=65798585

Domain: scontent-iad3-1.xx.fbcdn.net
URL: https://scontent-iad3-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=4da83f&_nc_ohc=wnzSsJ60VVQAX_tO1S6&_nc_ht=scontent-iad3-1.xx&edm=ADwHzz8EAAAA&oh=00_AfBn_l4IF-n1KxnwU-4pk2o2h4X4zh_1RjFCpLKc1XrYfA&oe=65784515

Domain: www.facebook.com
URL: https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2FgaOWLp%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19700.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1010316377&__s=%3A%3Auv9fnf&__hsi=7310458428226337284&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__csr=&__sp=1

Domain: www.facebook.com
URL: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId

Domain: www.facebook.com
URL: https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19700.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7310458428226337284&__req=4&__rev=1010316377&__s=%3A%3Auv9fnf&__sp=1&__user=0&dpr=1&jazoest=21973&lsd=ADoeN5WnZErzp4uJaqCkBd

Domain: video-iad3-2.xx.fbcdn.net
URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-qd-v/767580065410423_0-8940.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1

Domain: video-iad3-2.xx.fbcdn.net
URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/dash-abr3/767580065410423.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfDLL_ZRriujyvKm-xGUOnmzClDmL1NtllS9kT_l5hqA5Q&oe=6575DEFD

Domain: video-iad3-2.xx.fbcdn.net
URL: https://video-iad3-2.xx.fbcdn.net/hvideo-nao-prn/_nc_cat-1/_nc_sr_t-4/v/rASdEGjr4nH0uR-j4IZ_2HU0UIlb56LXC-0ymwDHYK834cQ/_nc_ohc-bX9NhqNtqW8AX8lbZJD/live-dash/ID/dash-lp-pst-a/767580065410423_0-8942.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

62 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.reurl.cc/	1970-01-20 16:49:45	Name: _gid Value: GA1.2.936829273.1702098741
.reurl.cc/	1970-01-20 16:48:18	Name: _gat Value: 1
.reurl.cc/	1970-01-21 02:24:18	Name: _ga Value: GA1.1.778870899.1702098741
.reurl.cc/	1970-01-20 18:57:54	Name: _fbp Value: fb.1.1702098741370.261069306
.prnasia.com/	1970-01-20 16:48:20	Name: __cf_bm Value: pX74oYwJcvK7GuqbkdYquvyqi.HODWytaLmjtgllDUM-1702098741-0-AeGsqZWkrkE5jlTpQMy7Bw2ZntjTUSGahjMtmQqcRFTvpgwzu1dNUQEuMjrfEv+UXdyks6llYzMmUUCIcREYjPA=
.openx.net/	1970-01-21 01:33:54	Name: i Value: 48781290-aeca-4b5b-b550-dc7814ccb720\|1702098741
.openx.net/	1970-01-20 17:09:54	Name: pd Value: v2\|1702098741\|jElYiuvOhI
.doubleclick.net/	1970-01-21 02:24:18	Name: IDE Value: AHWqTUmao46wQN5VK58h0KB2dJyTo-mNPDqFYLZfjHjE6PYcJ8ufLwnGVm527rqZr9Y
.adsrvr.org/	1970-01-21 01:35:21	Name: TDID Value: ba69f9a0-ab33-4062-b479-9cf32f659ae0
.reurl.cc/	1970-01-21 02:09:54	Name: __gads Value: ID=55b888384ac8566c:T=1702098741:RT=1702098741:S=ALNI_MZwVbNAeLoZLX0FJ1vT5WeUZ-DNmA
.reurl.cc/	1970-01-21 02:09:54	Name: __gpi Value: UID=00000ca79be17b2f:T=1702098741:RT=1702098741:S=ALNI_MYzrrZYRbUlcP8cpDfbVKDOMjUD3A
.adsrvr.org/	1970-01-21 01:35:21	Name: TDCPM Value: CAEYBSABKAIyCwjG2N76hKC8PBAFOAE.
.crwdcntrl.net/	1970-01-20 23:17:06	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 23:17:06	Name: _cc_id Value: 8f0edad6828afd97d3c4e09d1b79e2eb
.reurl.cc/	1970-01-20 23:17:06	Name: _cc_id Value: 8f0edad6828afd97d3c4e09d1b79e2eb
.reurl.cc/	1970-01-20 16:58:23	Name: panoramaId_expiry Value: 1702703541887
.reurl.cc/	1970-01-20 16:58:23	Name: panoramaId Value: 9d268d900eee5d045d8694325179185ca02c882b90ed0bacdc575389867acde3
.reurl.cc/	1970-01-20 16:58:23	Name: panoramaIdType Value: panoDevice
.openx.net/	1970-01-20 17:09:54	Name: univ_id Value: 537072971\|ba69f9a0-ab33-4062-b479-9cf32f659ae0\|1702098741992225
.reurl.cc/	1970-01-21 02:24:18	Name: _ga_N394QBRGC0 Value: GS1.1.1702098741.1.0.1702098742.59.0.0
.socdm.com/	1970-01-21 02:24:18	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNzAyMDk4NzQyfQ
.send.microad.jp/	1970-01-20 18:57:54	Name: TR Value: 6020a9d8314ac593a96ef0a2c45c40b046aa5ea0288d9673
.casalemedia.com/	1970-01-21 01:33:54	Name: CMID Value: ZXP3NlXlaR55gr7Hr9bIXAAA
.casalemedia.com/	1970-01-20 18:57:54	Name: CMPS Value: 5464
.casalemedia.com/	1970-01-20 18:57:54	Name: CMPRO Value: 5464
.ladsp.com/	1970-01-20 16:48:22	Name: cr Value: 1
.ladsp.com/	1970-01-21 02:24:18	Name: smn_uid Value: zNYkbfP4Dn2Zk59IBigHHxA5qY_MRrE
.doubleclick.net/	1970-01-20 16:48:22	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 21:07:30	Name: APC Value: AfxxVi5wtF57bFjYbGFsWm9maBC_441Qk_Gz3Yw04EoSRDzgMEeybQ
.criteo.com/	1970-01-21 02:09:54	Name: uid Value: a601fd52-058d-491d-9e71-e5bd7d036669
.criteo.com/	1970-01-21 02:09:54	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-20 17:31:30	Name: ar_debug Value: 1
.reurl.cc/	1970-01-20 17:31:30	Name: ISMD5VERSION Value: 1
.holmesmind.com/	1970-01-20 16:49:45	Name: fcm Value: 1
.adnxs.com/	1970-01-20 18:57:54	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In7hQ_zo!]tbPl1M>e)ZlrFUfJ+tGXxo<Q3%FxKf+nnT%xZfQ.-pd:Yjme_/!jqpC#zb3If)y3KL9D3I?+liQL!h
.adnxs.com/	1970-01-20 18:57:54	Name: uuid2 Value: 2536445390389183863
.hinet.net/	1970-01-21 02:24:18	Name: uuid Value: 398283da-0402-4d2d-a0c2-18aee9437979
.reurl.cc/	1970-01-20 17:31:30	Name: CFFPCKUUID Value: 7382-RArNT3LCTSPFtBr7i4otB7ON5wQcPgQb
.reurl.cc/	1970-01-20 17:31:30	Name: CFFPCKUUIDMAIN Value: 6206-Pidjxb94YRnodknpn9Ywi51ThnP5E1Dk
.reurl.cc/	1970-01-20 17:31:30	Name: FPUUID Value: 6206-f39d29b9e65fac900be8f2195079f5ae
.holmesmind.com/	1970-01-20 17:09:25	Name: Vision Value: 20231209-23:59,20231209-16,20231209-16,20231209-23:59
.holmesmind.com/	1970-01-20 17:09:25	Name: C Value: null
.holmesmind.com/	1970-01-20 19:13:16	Name: RK Value: null
.holmesmind.com/	1970-01-21 02:24:18	Name: P Value: 449928-33Ta50Qg4WVG2udZW4Dt4cdO1fv1MKFQ
.lndata.com/	1970-01-21 01:34:23	Name: admckid Value: 2312091312221914120
.c.appier.net/	1970-01-21 01:33:54	Name: _auid Value: ddLKtWelDZKTOeiuN_dzZQ
.reurl.cc/	1970-01-21 01:33:54	Name: __htid Value: 398283da-0402-4d2d-a0c2-18aee9437979
.reurl.cc/	1970-01-20 16:48:22	Name: _ht_em Value: 1
.reurl.cc/	1970-01-20 16:49:45	Name: _ht_50ef57 Value: 1
.reurl.cc/	1970-01-20 18:15:15	Name: truvid_protected Value: {"val":"f","level":0,"geo":"JP","timestamp":1702098744}
.docomo.ne.jp/	1970-01-21 02:24:18	Name: adxppthrd Value: 59a86989-2c17-4f8b-9c60-fe80df81d8d8
.yahoo.co.jp/	1970-01-21 01:35:21	Name: XA Value: bnt45gtin7tpo&sd=A&t=1702098744&u=1702098744&v=1
.yahoo.co.jp/	1970-01-21 02:24:18	Name: XB Value: 7pmbsipin7tpo&b=3&s=h0
.ladsp.com/	1970-01-21 02:24:18	Name: lum Value: CO3p9ufEMRIFCAEQqAESBQgDEKgE
.simpli.fi/	1970-01-21 01:35:21	Name: suid Value: 453887C6263246F8A04FABD00A86BFAC
.googleadservices.com/	1970-01-20 18:57:54	Name: ar_debug Value: 1
.bidswitch.net/	1970-01-21 01:33:54	Name: tuuid Value: 450e676c-7df0-43db-a266-eb2d03309836
.bidswitch.net/	1970-01-21 01:33:54	Name: c Value: 1702098744
.bidswitch.net/	1970-01-21 01:33:54	Name: tuuid_lu Value: 1702098744
.bidswitch.net/	1970-01-20 16:48:19	Name: google_push Value: AXcoOmSpXMNjLUYNVqjDHmL5HYHknk5kLy3r5y2npxX4ItQ-sGbfOVjBjNdiBC9IjDZvrt8c37XX-0JGfG5qmpBY803JzWVUpgZR
.zemanta.com/	1970-01-21 01:33:54	Name: zuid Value: IpteM-XSx23Nm2IyOAHY
.reurl.cc/	1970-01-21 02:09:54	Name: cto_bundle Value: OVd8FF96Rm5Zako2b1F4R0F1JTJGWHBGdjBISE9aSVRSY3RhOHNzRFNDbEFiZmdURTYxbmpiYVFSdzlqN29odlRLYWpoZUdBZWIwOWxSY2d1QnVZUENHQSUyRnRyMHRhMlNiRjZ3cE9pTVhCQ0hjRzF5RUtFUFRZZ1poTmtNcSUyRnpBcERzMmd4eTlXMnJwY1lQMUZFckolMkYlMkI4cUt5R1l3JTNEJTNE

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
network	error	URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEP9kczMakLcHnqHbmdsaboU&google_cver=1&google_push=AXcoOmSrA4TspJsh6TNiGBFrzCJOl9lkyrWSMv04jXOBZxYk2SxasliIRHr07C6VRUtDngT4QB2Kre82FXhzVjW-Pk8lDoGkLIQcfQ Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://fcm.holmesmind.com/cm.php Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

398283da-0402-4d2d-a0c2-18aee9437979.t.ssp.hinet.net
624493037650cd79ebc001a876ab2ea2.safeframe.googlesyndication.com
77d9f2cb194813ad4b7ce70053d29387.safeframe.googlesyndication.com
ad.doubleclick.net
ad.holmesmind.com
ad2.apx.appier.net
analytics.google.com
anymind360.com
asset.re-news.tw
b1sync.zemanta.com
bcp.crwdcntrl.net
bidder.criteo.com
blog.alphaloan.co
c.holmesmind.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.doubleverify.com
cdn.holmesmind.com
cdn.jsdelivr.net
cksync.yahoo.co.jp
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cm.lndata.com
cnt.trvdp.com
connect.facebook.net
cr-p1.ladsp.com
cr-p3.ladsp.com
creditcards.com.tw
dsum-sec.casalemedia.com
fcm.holmesmind.com
fcm2.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
go.trvdp.com
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i0.wp.com
ib.adnxs.com
img.gbyhn.com.tw
img.racingcharger.tw
invstatic101.creativecdn.com
jp-u.openx.net
m.holmesmind.com
match.adsrvr.org
mma.prnasia.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
prebid-asia.creativecdn.com
prebid.scupio.com
reurl.cc
rt.ad-score.com
rtb0.doubleverify.com
s-cs.send.microad.jp
s.trvdp.com
s0.2mdn.net
scontent-iad3-1.xx.fbcdn.net
scontent-iad3-2.xx.fbcdn.net
secure.adnxs.com
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
stg.truvidplayer.com
storage.re-news.tw
storage.reurl.cc
t.ssp.hinet.net
tags.crwdcntrl.net
tg.socdm.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ae1.doubleverify.com
tracking.prismpartner.smt.docomo.ne.jp
um.simpli.fi
us-u.openx.net
video-iad3-2.xx.fbcdn.net
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.rayskyinvest.com
x.bidswitch.net
scontent-iad3-1.xx.fbcdn.net
video-iad3-2.xx.fbcdn.net
www.facebook.com
103.132.192.30
103.43.90.114
116.50.36.71
124.146.153.166
13.32.50.91
139.162.78.222
142.250.198.6
142.250.207.2
142.251.42.130
142.251.42.194
143.204.86.119
15.197.162.181
151.101.65.55
172.64.151.101
172.64.152.89
18.172.52.51
18.65.185.129
18.65.185.16
182.161.74.11
183.79.219.124
192.0.77.2
192.0.78.187
192.0.78.24
2001:4860:4802:34::181
202.233.84.8
203.75.214.136
210.59.219.34
2404:6800:4004:801::2003
2404:6800:4004:80b::200e
2404:6800:4004:81c::2002
2404:6800:4004:81e::2008
2404:6800:4004:821::2002
2404:6800:4004:821::2004
2404:6800:4004:822::2001
2404:6800:4004:823::200a
2404:6800:4004:825::2001
2404:6800:4004:825::2002
2404:6800:4004:825::2006
2404:6800:4004:826::2001
2404:6800:4004:826::2002
2404:6800:4004:828::2003
2404:6800:4008:c19::9c
2404:6800:400a:805::2003
2406:2600:4::1
2406:2600:4::12
2406:2600:4::b
2600:140b:a800::17c3:5b8a
2600:9000:20c4:2c00:1e:5c56:d400:93a1
2600:9000:20e4:8a00:0:e06c:e940:93a1
2606:4700:3034::ac43:961f
2606:4700::6811:efc2
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f003:101:face:b00c:0:1823
2a03:2880:f00f:104:face:b00c:0:3
2a03:2880:f10f:83:face:b00c:0:25de
2a04:4e42::485
34.102.146.192
34.117.23.234
34.120.107.143
34.126.167.117
34.149.43.113
34.149.98.30
34.160.17.71
34.95.67.231
34.96.70.87
34.98.64.218
35.185.130.121
35.190.36.98
35.201.76.93
35.208.216.174
35.213.12.39
35.227.249.156
35.244.196.223
35.71.131.137
52.192.40.163
52.192.8.212
52.74.150.191
54.95.167.198
61.216.47.122
64.202.112.31
99.84.133.75
01a33f0ff59e28cd463d425548a593e150506f7f0d1c958403bae903f5e8e2e9
032c43052bc5628f02ac2de24d0e9c65eeee6783789f84265fc2d0284d0f0406
0729f4b9f399f903a95c759116e3e52a57df9fcb6e837b4b79cd712c4d380996
088a6a1a7650bfa40675aa7302a13a6dc9e70019a4760bb851305900ece56e0f
096f85ac6d28eb274e8f6bcffc83c4d3baf2041bd4befd0adea68c566b20c57b
0a0fffb4284a61e0f3313eae839b4c71d5eb0f43e823e2c6e4535a359fcd3ffd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e091ec6bdcfa6f61b975d7a3ef3d1d2b968ec460ad7a6d5d7e49af16a75f8f9
0ebacafc72baccb35d633c8959c37a3b14cd64c35a94355761f5e84af4e24323
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4
14609189a75f7791fd1edbd2a237967550154a1d5560ecba4620ae406930e405
15fdcff5f3b0cff7bf23596386b83f9b5555a0510ac9fc56147dcd9820c610ab
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1a5bfbcea37051b69ffb51494bca539b16ef2d969086bf4abdef636fc5943679
1b3c4645469b30443626b0683603b69d4231b2eb96719083a861bd968b7c4bc1
1ba731fa9f8276454a29bbb9afbf4595fa066f08935a762beceecc4749f90d5b
1cdfea8482ec87dbfecfc0b3914b3e9d90e2c32f7f601261cc79369092894312
1dc7894487540e4af670b743df42c1da5e0434b1b1bde51517d212ace98ec230
208cd6c1ec51a2737c544e3da4166eb917333e9dd588841e599143f7f083de85
2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
226d20c2725e876a96edabbbad4ca3709478995aac12ff27b7efff45d73d96c1
25b5706624b74cb820dbf44a7c9176315eb80777e788f87d3fcc0ef985d0a7dd
27942b0b679a9367b2c4430c4147613ba7a01ad9d7e07b2569b9195a83aded5a
2af9dcd5f220b6aaa7fb46c21e3a9833abce8a1d7953c0591013081dd73c6e57
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2bda3203f7cc09f262a5eee2a7a807726bf99e5bc8d32054bdc8c2d14d6e2373
2c3cb5a0833b9412d27f44e06a84fd797180b81e15e99af5d7d8ffa96d1f41e8
2c625a630d0cfe255e160360e835417812146c29256ec0d40514afbcc686eadd
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359
3042ac24afeb07bfa4c98ff8c72e3c6c6edd2df2453a7bfce628688c179ec793
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30
3271eecca15405b948944596894209cfc44ced3b8e5e840a5cd6d01b1a31d5ef
3357e675ea4f190381d0d4969e3af833e76d64fd9f37881b2e3229a537e51b5c
35aea5afa69eee0a6a77678f980729d3893f8ff4b2872e749c4b7f6375503710
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36ff8515d3b41566e05f3a416cf056c4050bddccc32d2d86cc1738e2b5242833
373cff4a5be14637fbe35895c47e016b43fe37c32a6d704cd59da533185c6bb7
38c571ac732d295550d31160985c31fb614f41426a897c2554820fb0a76953ca
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
39b24bf7502c56d12a6fd67746e7c2e6aec1195d3d8d6543fe16648bf8899cf8
3a4fda7b449ddfa3b11ceb4c715c4c2f042e2cc1949701deb1fb8098d02b9b47
3a7a68e832e09c668589e2bab6e3bc69348c21fdd4be0b940446e8d3b0948a6d
3c9dd4183d54fd885636b39d8775c7abe9474544ab32dcdb30f52d2df5f9d451
3dc6787de4b1097650e4fc18a14d735fbb8e09c5a8159ece51c16593c8cec0e9
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3f8203c75a4508917b2461095aa696018c6d004f15e12b78c331041412f699f0
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
431486b008ef8dcacc621c3f8fd446b9a43db474fc6e1766b4189d71984acfa6
431b35d3a246554a88544fc788611ee1bb12a31f1e8b1c308099bc05fc417e60
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4372a9b8ce26d68f5c9a53975683bc05d3df25cf5a2e0177569f58258b6be160
4433f0560fb0eb4af4f66ae8d75492d47a522e166ae13a787a5bc42b2698d733
451485b6984c8d33173b8bd1d5118fb194d4f7f57f2961a8e8bc650182292e9a
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
45445cdb742ba713feadbb749a2328f90698cc052372bb736682afcb5e7c6345
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4854136a1dd5cde231c5de08e658e5d944fe2fcf880210578583d8fda002e371
48601a3745a32223aae028789013f254d737a0546e10f8a2ba51f5c0be8eb005
49d0183533c76825255eca7d3fb5300a1fce83f40b4d49ad571cd48ea47478ff
4a91cc3d7f0943cabdd61ca1ff8f5e4747c2e81349fbc490de26380a4d817733
4ab8f951662285f3a37c746c7b10051bce44b9509d63cd1de19a5d496af30e61
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4df9b60b23dc99b2d8effa62273d522e2c879c50a288eee73784db7eb5016908
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3fabf22cd724097683f4812bc7155a14238954e0af048d1cb9e7e3877627c7
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fdd04912129cdb8d227c0be200a5205ccbc49c6851594f80d1df0364ae5d1a2
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
52a314725bd534c217d634796c8207879898bd68c2477d1f359649f960f46d7d
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
52dc9ddbdea0b924ead72a50b9cdd6a9423f1b77a4042251aa6966246a20e09c
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b198b5ed1bd02e77f84c6971a69d5c2160c0c32fd770ce33405e194750f5fd
5609dbd6bd5496a114ca913530c2dd0aecff8502646c438db58251345eda9545
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5d28e955cf2bc7eab352b6053c691492b7436b141829f69b52f3639f86beaa96
5e0b529be7af42b2e5c1b45bd28bfb3654e52320a61f1718ba38ba22265ed551
5f095afc96e2fdd1c26cdc04a3b430313cf4457db972ad53dc16d2e139f93d78
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
64d618ef0b6eca4c61f62c3ec46adfe81f7921505ac7c97c7bd2648364dc84e7
659f5c7f6f5ef235f71ec603888c8158bb454e8594e8d0f7fda64e324b7facda
675c68ec272e15adac541942a16ddfa45419f6f959147e4728a4e26c512520ad
6871de12df8d1d3da3dff8d6370933ba3630a6e9ce19bf93eca651967a221c42
6874fbcda57e7c2f28bbd0961113855436445be49d3f54ee110e6d9233b90ba1
68acdcb14a986bce5da5b773c0013a0bbdef4cf2460b53dee64a64132de22f4a
68b6eb9c48e3b113a3d1872ef75032d9f7f9771d9d2617bf058d7bc2f5070831
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b73e1847c6fb498059a5dd1f43b785c41f1e3f7390eace0c963e68d9a627e0e
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6da70f7a4e2663154b5b794fcef3049ccac6ffd9e391d020de739d026844f61b
6f95142f9850a067169d02c3070797574f98fdbb5222e54036578b89533ccee5
6fe5e7f96dd590e013e360fd826cbfbf824397f5b3f670d5a7b2a5dbc378da5e
70b310e88ed7a4911d8c9445532a2c4e1cacb7f5bde144a3248abab4467cf82d
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b
7150ea550246636012cf6362f6889e23f7edbf7ec248ec9bac4cb0c1601574a1
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507
72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84
73206f6d313f1c12e377275522f8050e00f764bb78ed1f58bf66663ae041419e
74410ad57ecfdf8c7d5de1459b50aedcca8296e65a45d1be01fd9835117e743a
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
7490c495bc701b5f3c822f76f18d9f9842e4c3578b4c8e74937ce49a1ca75546
756acb6e4a956ef537c08241bb3b72d28f86c1e8a45c99e9753f3376b1b65e11
77bcc9a2018d9882752571a1063ef8fdfdb22353f6dcf019be8d5eff94ee063f
7a36a73eee2563f54ca55a3ceba571b2f615f94b5d24d1eff76102631d2031cd
7a7472d11dbdbadbe287b223ca55bfbd1d07ce0e74fce33e9c90ae82f2c75700
7c1968557b57ed2978e4d16a9383aa01a31b0b6e1d4bfa4ff56520d3c4583fc2
80681585e3e5eda2d4eb799a13afa40d0546a234fde891115de6fd4ec614b47e
80796e51ac4f447093486b9200c00e66b253bc593fac56574b069062ea260271
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
872fda231cc1e19d13e55adda7e882830213b7bac4af4ab0d06d2ffe11dfb6bf
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
8b9546dd9551a2cdffb537c9169438e9e4f69ed61f96b33ddd9ee37bcff38f19
8c04bb56386ca291c350b9a793f4bc9039c5435ed5494e1df96e5950f5f2836c
8ceb83afba1fb55fe9b47c9f5e27264f22f1293f3f7c65f73cdc925792ba013a
8efed1397a9c2e53aeb4c932ae10b06a530dfb865cf97036023073d16382181a
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e
8f84c8fdb90e83e4d389f5b04bc7489ba7c6f6e8dd103cebbc6455583ded892d
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
91524c70ede9562d1bd8976201f4f2fd6b24d2c4844f4f7d0d862e1c5a685f81
91f1b416645ca4991ce0615fd78151d850da08ae041602fc222f56d6d0025df6
93947ec0e0c58af9b28bc07d173145d6d04804dfba3ad67a7c71c62a4fd8dc71
940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b
94d523edd701a50db76faf479f4e32f007cbd97ade5339313f1e5a1ef5b35a85
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5130f592d67caa481f546160ff229324e58e0460a440b5d20e45442457c2bd
9c067c26f5bddfc2d3810a3ada3371fb1f5e2350d76342d4050ab3fc67335964
9c943a2788d13a756142039e342eb607dafcad35533681d5da9b8322adfedc0f
9c95792b14cad4642ea9bbcb71cd49f6d2d57bd3a53bc1bc8630e26bbd6fd5a7
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9d5497521bfc84947a23dd5687f8629f34ce7d1dd3d37cc83d9c6f14d2af0cb0
9e11962c066339f200a342dfdecd23dab603951d49189e9e84723f3cc2008a67
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9f0711988fa186087549796f7f0e3c6e286f72ae0a00fa6546b6c74bcf9360dd
a02009d2f95d79b62b95c6de12d6614bdb36bffa6d4e756db81ec1c51c5acc34
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a14d043f208332cd432f3143522663a90e02624c733b5326a005c58328150da2
a14d72f572a34d710cf536cdc6d0bff83d7477bbace6b252d837f7baa11aa6ef
a184089566542414726d4d250362bf0434d2dba1ac6714ff61ace72838d6c60e
a1d556d896be458387c94aad51e8db8d09b622547b721de82ea235b192aecee4
a3e20e19ee80c742a25830eb84209ca1eaa4d2ef3fc75e131ede23d89b633cb1
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a451320a9691f49560233d342e7fb2b6eb5b2ec15110fc69ea5c698b7e25edc5
a937e9e125a28b82b9fc305d4430833f91e747565885f9d32cb2f1cce7170e43
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
ac36a85a251149861b7b2e9d8d250b0aab66110f681d6827e8e979cdfaa1ad3a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1567c9af517c0e55991081919f4dc2263f00b8deea21f3c94087737d2401fc2
b22620fc4d630726cb3f47fac6ade45801e71c9d90dc6ab148e51dbcc910944e
b275a0c7a4d0eb698c158d664d03fe21c34fa3f36af5ed6337fe7da98a8e8a83
b2ab62ae9ef497837041609e66f23d13d0291e4198200026ffbe935c6c8ce570
b429486bdd6630fb3fdfa332e7919855881da3a3b2a51d62eaa1ced0862bfb5b
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b5c2fddd74e1cb9d39d962a6911812d24b1c7fad50fe6ce901f32e9eebc4fa92
b6fe6101ff12f786ff956ba29a5b1d1e3264c7769ffceb85d733b4c7986e6b95
b829d9564b5bb0476d1ce2f00b4db8e81a3ef18e7cc1559435c751fb051f8d03
b851f1055df85d2a249f3cb48f1fa9e520ad9b59e88061b88884b66d78b2dca1
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5
b98745699334e83f49350bbf814a657f787ae1d515b8e41df4856ea89dd2f8a1
b9ab3d81dea651a33a7e2351a75c32eb2a4168b184f5a06c6b94d621c5fc49a2
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22
baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f
bbef00e617014219bc04b83bcdf48ea4113838ca7178a0b863c8da8f4256562a
bca7ee31fc622c935a1ba3d3d012111f3aab926dc898ed011513fc7a9145f90e
bcf8f42f390686367155673ac10b31702dd14b03764d9ef4bf1554a2e5a1b459
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bee0b841ca961b8c585f62ee498a1de1cdfd42b76f91155564b12b550d16ba24
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821
c219c689cd785b5e05e3e6c170d2c2d347b0764fe2a611017de215d835518687
c346d5e96953d555abbdea4928b180190eba2dcb46648409d66ca05c1e3594ed
c417bdd5756646f7102a004458c6aa90e7a4c7ff04631494f0a9b8099619343d
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c5d4bd00c93f687b2f1c47656a5dcee22ff87ae4dc205dd7d982d1082532cc29
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c6b9ff96d825db385f78d8dc081ba4f04f9479f081709ce7cc375a56e5ee7bfc
c73f2b03af16458ad905f45a098d8861ec7b0a2480387a59195b4465aca25d02
c750989fbc25788b21007a629c185736a452972c6511fde038bda7767d459abb
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
c82e9c1a93712f22aba9d1d49b8f87063d8862eedabcfbec26efc21a6dc352d8
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
c96c8a305afe4fc5fde55acd1029a80025a3477df5e8b020c4cdfce80dc966e5
cb7dd37eb910ce389c57bb066311c398651eb3c0401e811b37034dfd3da53b4d
cd1a1c2e4f6310a0fd024f0741f9adb892f52778f8091e55d1b0db68d8fc97f9
ce15be8943bb8658cb0a9eb2433aaea414e53aef4be3450984840871b895f4bd
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda
d019fc735f42e920240af373f78509070ff773427d39fd46d00031c42e5996c5
d0c0a6ab2e10cb4061ce00406e53dd6eec2f0753fd20883654b2c13349e088d7
d10460f637964d386e028d7d5077d2db276d413ec7e1ff78cff2eca4db9f7170
d1420ef7b723f0ded8722960592fc4f76bbbec40cc3aba007bdb8b08794bd31e
d20cf80322259d9177611df3a6016556c8ee1c7b56376805c15d449c1785df0a
d353b1355c456941a6195bf480abb7c6092cfd0213313f56168f2315b43d40e1
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d6705d4595d0844226acbb101be72d22aca7f22ec5a1ac31dde5d86683813156
d76b0054f07e4e7679cc3f003bdc4efbd350eff5d60b6a7db66c67cfad408b74
d795104f4c3506644a68755d54245dbf07b4429b675d4871eaca97ff525a79c9
d93088c88a0a53dbe42d9e8b8aab868cc97c3ea3824dc889fd952f733ca4b0db
da8cb2bc6469722e3de0af111c2b7b8b504c2c39257385a5b3e3f843f409da23
dc79b0caa826fcf3ce95252aace76796eb3e5bb66ecb12ccec5d9b4a1d0410fc
dce3a7d75903f3a00ff7b72c2b3f3e34c786c0867a1398caa5212977e721d1b0
ddd1032737e734248b9c62a3efa77af6c6a2f8c0502b072e33a76f579be849d9
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dee10fdcd26b484406619a49a9148dc00d73e2520c9c80aa1ff9489279d874c4
defdeb74bd66a9bd8ea1c46e680cacd232b8983d2285f329d4dabe8944e646a7
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e62a1fa8d2ea4113423f3ae57d33405624a21fcf0adbf49d7a5c5687b8a35eca
e6478184fe5d7ab4f3bad23a1d02c3331f979cf4fa2a38eaf2ea6e53f54f391b
e68718c41ef1c23f1640623633d26706d9cc4cf198c72be002c8594f9f9efcac
e80f3c6479f08a7ea0b97f0c3538f4d3420e0f00df102e15469e7fc6ed013cbc
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e9630947a17e1ba0955dcd58b6b08da8a54f26a56fe0e981b29fb1aecffdbc3c
ea76b764cc79e34aacb5473f624f54f6da49da1d10b00cb931075a6bd0d38c32
eb0110be59431fd3c8942faca7ee241aef70ddc66cc3316b645cc8ae6ca2b70a
eb1dcc6858928161e0f053fd744a2039bb7c340473c48c38eea01305c9109432
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec9b04d31d23f0fe24168948361b4043a2073c3110cdfb8c370a1efca2c22383
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2415a5fbb844b1c2fdf48ce0bb9dfa2694a153695ca753dc5f84170b334041b
f2d7ee82059853b516d7d8428288579e179c9cb40ef33372a2cda5d3a5e7291e
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b
f5157592996000cf9a85a4ad2dc89567e41b996719035e766c1a7d9698fc1bdf
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f6d4b8c60079c67c97308fd49f186c5a7b61510b90ede28f7711ba1b3b1c56c7
f7846d18e8e07dccf50840cfc09c06504b7fcd1be7ee0850007ae44dc9e8f87c
f7fa92dacacb28c03150ba2585d6e85a590793998c0795aabfa8e97c0a238b7f
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fcffa301fda0c6a4e8d01ff5206993d1201eebaf4da69a49269a9fd25973ca11
fd66f83ea75a1ccdd4953552363bc37a9cf055220f8d89a23ec8564c8d2ed2fb

reurl.cc Open in urlscan Pro 35.185.130.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

392 Requests

90 %HTTPS

37 %IPv6

54 Domains

91 Subdomains

73 IPs

5 Countries

7779 kBTransfer

20611 kBSize

62 Cookies

21 Outgoing links

Redirected requests

392 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Screenshot
Live screenshot

Full Image

392
Requests

90 %
HTTPS

37 %
IPv6

54
Domains

91
Subdomains

73
IPs

5
Countries

7779 kB
Transfer

20611 kB
Size

62
Cookies

392 HTTP transactions
9 data transactions