urlscan.io logo urlscan.io
SecurityTrails logo

reurl.cc Open in urlscan Pro
35.185.130.121  Public Scan

Go To Rescan Add Verdict Report
URL: https://reurl.cc/gaOWLp
Submission Tags: gc
Submission: On December 15 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 68 IPs in 5 countries across 44 domains to perform 204 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 116978.
TLS certificate: Issued by R3 on November 18th 2023. Valid for: 3 months.
This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 35.185.130.121 15169 (GOOGLE)
2 151.101.1.229 54113 (FASTLY)
5 34.149.98.30 15169 (GOOGLE)
1 151.101.193.55 54113 (FASTLY)
2 142.250.206.232 15169 (GOOGLE)
12 172.217.175.226 15169 (GOOGLE)
5 31.13.82.36 32934 (FACEBOOK)
1 35.244.196.223 15169 (GOOGLE)
3 172.217.175.110 15169 (GOOGLE)
29 31.13.82.7 32934 (FACEBOOK)
1 34.117.23.234 396982 (GOOGLE-CL...)
1 35.185.136.122 396982 (GOOGLE-CL...)
1 104.17.239.194 13335 (CLOUDFLAR...)
1 192.0.78.25 2635 (AUTOMATTIC)
1 61.216.47.122 3462 (HINET Dat...)
1 104.21.96.9 13335 (CLOUDFLAR...)
1 34.160.17.71 396982 (GOOGLE-CL...)
1 13.33.174.96 16509 (AMAZON-02)
1 192.0.78.187 2635 (AUTOMATTIC)
2 173.194.174.157 15169 (GOOGLE)
1 182.161.74.1 55569 (CRITEO-AS...)
1 172.64.152.89 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 18.65.185.16 16509 (AMAZON-02)
1 172.217.175.1 15169 (GOOGLE)
2 172.217.175.14 15169 (GOOGLE)
2 142.250.198.3 15169 (GOOGLE)
1 3 142.250.207.4 15169 (GOOGLE)
2 182.161.74.11 55569 (CRITEO-AS...)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 13.251.47.187 16509 (AMAZON-02)
1 18.172.52.87 16509 (AMAZON-02)
3 142.251.42.162 15169 (GOOGLE)
1 18.65.185.40 16509 (AMAZON-02)
10 216.58.220.129 15169 (GOOGLE)
1 172.217.161.74 15169 (GOOGLE)
4 119.63.193.220 38627 (BAIDUJP B...)
13 142.251.42.129 15169 (GOOGLE)
4 143.204.126.3 16509 (AMAZON-02)
5 35.244.159.8 396982 (GOOGLE-CL...)
2 143.204.86.119 16509 (AMAZON-02)
1 119.63.198.189 38627 (BAIDUJP B...)
1 34.111.12.34 396982 (GOOGLE-CL...)
1 34.107.150.21 396982 (GOOGLE-CL...)
13 119.63.198.143 38627 (BAIDUJP B...)
1 142.250.196.99 15169 (GOOGLE)
2 2 15.197.193.217 16509 (AMAZON-02)
1 1 211.120.53.206 4694 (IDCF IDC ...)
2 2 99.84.133.14 16509 (AMAZON-02)
2 3 172.217.175.66 15169 (GOOGLE)
1 142.251.222.2 15169 (GOOGLE)
1 116.50.36.71 18046 (DONGFONG-...)
2 13.113.11.114 16509 (AMAZON-02)
1 34.95.67.231 396982 (GOOGLE-CL...)
1 13.112.169.241 16509 (AMAZON-02)
4 203.75.214.136 3462 (HINET Dat...)
1 2 35.201.76.93 396982 (GOOGLE-CL...)
1 35.227.249.156 396982 (GOOGLE-CL...)
1 18.182.103.101 16509 (AMAZON-02)
3 34.102.218.41 396982 (GOOGLE-CL...)
4 57.181.98.169 16509 (AMAZON-02)
10 119.63.198.188 38627 (BAIDUJP B...)
1 119.63.197.136 38627 (BAIDUJP B...)
3 119.63.198.180 38627 (BAIDUJP B...)
1 143.204.86.31 16509 (AMAZON-02)
1 35.208.216.174 19527 (GOOGLE-2)
8 172.217.175.34 15169 (GOOGLE)
3 35.213.89.133 15169 (GOOGLE)
3 34.96.83.10 396982 (GOOGLE-CL...)
204 68
1    35.185.130.121 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com
reurl.cc
2    151.101.1.229 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
5    34.149.98.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.98.149.34.bc.googleusercontent.com
storage.reurl.cc
1    151.101.193.55 (United States)

ASN54113 (FASTLY, US)
anymind360.com
2    142.250.206.232 (United States)

ASN15169 (GOOGLE, US)
PTR: kix06s10-in-f8.1e100.net
www.googletagmanager.com
12    172.217.175.226 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s29-in-f2.1e100.net
securepubads.g.doubleclick.net
5    31.13.82.36 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-nrt1.facebook.com
www.facebook.com
1    35.244.196.223 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 223.196.244.35.bc.googleusercontent.com
storage.re-news.tw
3    172.217.175.110 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s21-in-f14.1e100.net
www.google-analytics.com
29    31.13.82.7 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-nrt1.fbcdn.net
connect.facebook.net
static.xx.fbcdn.net
scontent-nrt1-1.xx.fbcdn.net
1    34.117.23.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.23.117.34.bc.googleusercontent.com
asset.re-news.tw
1    35.185.136.122 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 122.136.185.35.bc.googleusercontent.com
re-news.tw
1    104.17.239.194 (None, )

ASN13335 (CLOUDFLARENET, US)
mma.prnasia.com
1    192.0.78.25 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
creditcards.com.tw
1    61.216.47.122 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 61-216-47-122.hinet-ip.hinet.net
img.racingcharger.tw
1    104.21.96.9 (None, )

ASN13335 (CLOUDFLARENET, US)
img.gbyhn.com.tw
1    34.160.17.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.17.160.34.bc.googleusercontent.com
www.rayskyinvest.com
1    13.33.174.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-174-96.nrt57.r.cloudfront.net
static.wixstatic.com
1    192.0.78.187 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
blog.alphaloan.co
2    173.194.174.157 (United States)

ASN15169 (GOOGLE, US)
PTR: td-in-f157.1e100.net
stats.g.doubleclick.net
1    182.161.74.1 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    18.65.185.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-16.nrt57.r.cloudfront.net
tags.crwdcntrl.net
1    172.217.175.1 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s18-in-f1.1e100.net
944a600793302a39c3c2044e4be9c84d.safeframe.googlesyndication.com
2    172.217.175.14 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s18-in-f14.1e100.net
analytics.google.com
2    142.250.198.3 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s58-in-f3.1e100.net
www.google.co.jp
3    142.250.207.4 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f4.1e100.net
www.google.com
2    182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    13.251.47.187 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-47-187.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    18.172.52.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-52-87.nrt20.r.cloudfront.net
cnt.trvdp.com
3    142.251.42.162 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f2.1e100.net
www.googletagservices.com
1    18.65.185.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-40.nrt57.r.cloudfront.net
go.trvdp.com
10    216.58.220.129 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s17-in-f1.1e100.net
cdn.ampproject.org
1    172.217.161.74 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s09-in-f10.1e100.net
fonts.googleapis.com
4    119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
api.popin.cc
13    142.251.42.129 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f1.1e100.net
tpc.googlesyndication.com
4    143.204.126.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-126-3.nrt20.r.cloudfront.net
cdn.holmesmind.com
5    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
jp-u.openx.net
2    143.204.86.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-86-119.nrt12.r.cloudfront.net
stg.truvidplayer.com
1    119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
tw.popin.cc
1    34.111.12.34 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 34.12.111.34.bc.googleusercontent.com
ad.tagtoo.co
1    34.107.150.21 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 21.150.107.34.bc.googleusercontent.com
uec.tagtoo.co
13    119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
log.popin.cc
1    142.250.196.99 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f3.1e100.net
fonts.gstatic.com
2    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    211.120.53.206 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    99.84.133.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-133-14.nrt57.r.cloudfront.net
cr-p3.ladsp.com
3    172.217.175.66 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s20-in-f2.1e100.net
cm.g.doubleclick.net
1    142.251.222.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s71-in-f2.1e100.net
googleads.g.doubleclick.net
1    116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)
cm.lndata.com
2    13.113.11.114 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-11-114.ap-northeast-1.compute.amazonaws.com
cm-dev-poc.holmesmind.com
1    34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com
fcm.holmesmind.com
1    13.112.169.241 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-112-169-241.ap-northeast-1.compute.amazonaws.com
fcm2.holmesmind.com
4    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
76f1acc1-3ed2-4845-8260-e01daf697ff4.t.ssp.hinet.net
2    35.201.76.93 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com
c.holmesmind.com
1    35.227.249.156 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 156.249.227.35.bc.googleusercontent.com
m.holmesmind.com
1    18.182.103.101 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
3    34.102.218.41 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 41.218.102.34.bc.googleusercontent.com
ecs.tagtoo.co
4    57.181.98.169 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-57-181-98-169.ap-northeast-1.compute.amazonaws.com
in.treasuredata.com
10    119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
r.popin.cc
1    119.63.197.136 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
inrecsys.popin.cc
3    119.63.198.180 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
imageaws.popin.cc
1    143.204.86.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-86-31.nrt12.r.cloudfront.net
s.trvdp.com
1    35.208.216.174 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 174.216.208.35.bc.googleusercontent.com
rt.ad-score.com
8    172.217.175.34 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s19-in-f2.1e100.net
pagead2.googlesyndication.com
3    35.213.89.133 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 133.89.213.35.bc.googleusercontent.com
trace.popin.cc
3    34.96.83.10 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 10.83.96.34.bc.googleusercontent.com
event.tagtoo.co
Apex Domain
Subdomains		 Transfer
35 popin.cc
api.popin.cc — Cisco Umbrella Rank: 31958
tw.popin.cc — Cisco Umbrella Rank: 96359
log.popin.cc — Cisco Umbrella Rank: 33420
r.popin.cc — Cisco Umbrella Rank: 34110
inrecsys.popin.cc — Cisco Umbrella Rank: 39665
imageaws.popin.cc — Cisco Umbrella Rank: 54406
trace.popin.cc — Cisco Umbrella Rank: 2940
799 KB
26 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 953
scontent-nrt1-1.xx.fbcdn.net — Cisco Umbrella Rank: 183638
572 KB
22 googlesyndication.com
944a600793302a39c3c2044e4be9c84d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
120 KB
18 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
209 KB
12 holmesmind.com
cdn.holmesmind.com — Cisco Umbrella Rank: 132288
cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 171925
fcm.holmesmind.com — Cisco Umbrella Rank: 210108
fcm2.holmesmind.com — Cisco Umbrella Rank: 154750
c.holmesmind.com — Cisco Umbrella Rank: 107592
m.holmesmind.com — Cisco Umbrella Rank: 190604
ad.holmesmind.com — Cisco Umbrella Rank: 104322
64 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
207 KB
8 tagtoo.co
ad.tagtoo.co — Cisco Umbrella Rank: 222202
uec.tagtoo.co — Cisco Umbrella Rank: 477829
ecs.tagtoo.co — Cisco Umbrella Rank: 229932
event.tagtoo.co — Cisco Umbrella Rank: 217532
48 KB
7 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1639
google-bidout-d.openx.net — Cisco Umbrella Rank: 1643
us-u.openx.net — Cisco Umbrella Rank: 491
jp-u.openx.net — Cisco Umbrella Rank: 15595
2 KB
6 reurl.cc
reurl.cc — Cisco Umbrella Rank: 116978
storage.reurl.cc — Cisco Umbrella Rank: 432247
6 KB
5 google.com
analytics.google.com — Cisco Umbrella Rank: 152
www.google.com — Cisco Umbrella Rank: 2
1 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 98
29 KB
4 treasuredata.com
in.treasuredata.com — Cisco Umbrella Rank: 4504
2 KB
4 hinet.net
t.ssp.hinet.net — Cisco Umbrella Rank: 84860
76f1acc1-3ed2-4845-8260-e01daf697ff4.t.ssp.hinet.net
3 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
193 KB
3 trvdp.com
cnt.trvdp.com — Cisco Umbrella Rank: 38270
go.trvdp.com — Cisco Umbrella Rank: 34674
s.trvdp.com — Cisco Umbrella Rank: 30609
146 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
141 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 re-news.tw
storage.re-news.tw
asset.re-news.tw
re-news.tw
81 KB
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 25818
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
717 B
2 truvidplayer.com
stg.truvidplayer.com — Cisco Umbrella Rank: 27502
3 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
7 KB
2 google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 26283
515 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 979
bcp.crwdcntrl.net — Cisco Umbrella Rank: 850
13 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
94 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
58 KB
1 ad-score.com
rt.ad-score.com — Cisco Umbrella Rank: 27242
595 B
1 lndata.com
cm.lndata.com — Cisco Umbrella Rank: 161265
470 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1450
850 B
1 gstatic.com
fonts.gstatic.com
4 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
678 B
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133
1 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1740
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1352
5 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
13 KB
1 alphaloan.co
blog.alphaloan.co
181 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 5797
248 KB
1 rayskyinvest.com
www.rayskyinvest.com
612 KB
1 gbyhn.com.tw
img.gbyhn.com.tw
87 KB
1 racingcharger.tw
img.racingcharger.tw
213 KB
1 creditcards.com.tw
creditcards.com.tw
68 KB
1 prnasia.com
mma.prnasia.com — Cisco Umbrella Rank: 534895
25 KB
1 anymind360.com
anymind360.com — Cisco Umbrella Rank: 20760
43 KB
0 tagtoo.com.tw Failed
ttd-cm.tagtoo.com.tw Failed
204 44
Domain Requested by
24 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
13 log.popin.cc reurl.cc
13 tpc.googlesyndication.com reurl.cc
securepubads.g.doubleclick.net
cdn.ampproject.org
tpc.googlesyndication.com
12 securepubads.g.doubleclick.net reurl.cc
securepubads.g.doubleclick.net
www.googletagservices.com
10 r.popin.cc reurl.cc
10 cdn.ampproject.org securepubads.g.doubleclick.net
8 pagead2.googlesyndication.com www.googletagservices.com
reurl.cc
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 www.facebook.com reurl.cc
static.xx.fbcdn.net
5 storage.reurl.cc reurl.cc
4 in.treasuredata.com api.popin.cc
4 cdn.holmesmind.com securepubads.g.doubleclick.net
cdn.holmesmind.com
4 api.popin.cc reurl.cc
api.popin.cc
3 event.tagtoo.co ecs.tagtoo.co
3 trace.popin.cc api.popin.cc
3 imageaws.popin.cc reurl.cc
3 ecs.tagtoo.co ad.tagtoo.co
ecs.tagtoo.co
3 t.ssp.hinet.net cdn.holmesmind.com
t.ssp.hinet.net
3 cm.g.doubleclick.net 2 redirects google-bidout-d.openx.net
3 www.googletagservices.com securepubads.g.doubleclick.net
3 www.google.com 1 redirects reurl.cc
tpc.googlesyndication.com
3 connect.facebook.net storage.reurl.cc
connect.facebook.net
fcm2.holmesmind.com
3 www.google-analytics.com storage.reurl.cc
www.google-analytics.com
reurl.cc
2 c.holmesmind.com 1 redirects cdn.holmesmind.com
2 cm-dev-poc.holmesmind.com cdn.holmesmind.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net google-bidout-d.openx.net
2 us-u.openx.net google-bidout-d.openx.net
2 match.adsrvr.org 2 redirects
2 stg.truvidplayer.com go.trvdp.com
s.trvdp.com
2 oajs.openx.net 1 redirects reurl.cc
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 www.google.co.jp reurl.cc
2 analytics.google.com www.googletagmanager.com
2 scontent-nrt1-1.xx.fbcdn.net www.facebook.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 www.googletagmanager.com reurl.cc
2 cdn.jsdelivr.net reurl.cc
1 76f1acc1-3ed2-4845-8260-e01daf697ff4.t.ssp.hinet.net cdn.holmesmind.com
1 rt.ad-score.com s.trvdp.com
1 s.trvdp.com go.trvdp.com
1 inrecsys.popin.cc reurl.cc
1 ad.holmesmind.com cdn.holmesmind.com
1 m.holmesmind.com cdn.holmesmind.com
1 fcm2.holmesmind.com cdn.holmesmind.com
1 fcm.holmesmind.com cdn.holmesmind.com
1 cm.lndata.com cdn.holmesmind.com
1 googleads.g.doubleclick.net reurl.cc
1 tg.socdm.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 uec.tagtoo.co api.popin.cc
1 ad.tagtoo.co api.popin.cc
1 tw.popin.cc api.popin.cc
1 google-bidout-d.openx.net oa.openxcdn.net
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 go.trvdp.com cnt.trvdp.com
1 cnt.trvdp.com securepubads.g.doubleclick.net
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 944a600793302a39c3c2044e4be9c84d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 blog.alphaloan.co reurl.cc
1 static.wixstatic.com reurl.cc
1 www.rayskyinvest.com reurl.cc
1 img.gbyhn.com.tw reurl.cc
1 img.racingcharger.tw reurl.cc
1 creditcards.com.tw reurl.cc
1 mma.prnasia.com reurl.cc
1 re-news.tw reurl.cc
1 asset.re-news.tw reurl.cc
1 storage.re-news.tw storage.reurl.cc
1 anymind360.com reurl.cc
1 reurl.cc
0 ttd-cm.tagtoo.com.tw Failed uec.tagtoo.co
204 76

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
www.comptw.com
stockinfo.tw
Subject Issuer Validity Valid
reurl.cc
R3		 2023-11-18 -
2024-02-16		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
storage.reurl.cc
GTS CA 1D4		 2023-12-10 -
2024-03-09		 3 months crt.sh
anymind360.com
R3		 2023-10-25 -
2024-01-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-23 -
2023-12-22		 3 months crt.sh
storage.re-news.tw
GTS CA 1D4		 2023-12-07 -
2024-03-06		 3 months crt.sh
asset.re-news.tw
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
re-news.tw
R3		 2023-10-29 -
2024-01-27		 3 months crt.sh
*.prnasia.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-11-24		 a year crt.sh
tls.automattic.com
R3		 2023-12-08 -
2024-03-07		 3 months crt.sh
img.racingcharger.tw
cPanel, Inc. Certification Authority		 2023-10-22 -
2024-01-20		 3 months crt.sh
gbyhn.com.tw
GTS CA 1P5		 2023-11-20 -
2024-02-18		 3 months crt.sh
*.rayskyinvest.com
R3		 2023-11-04 -
2024-02-02		 3 months crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA		 2023-08-03 -
2024-01-30		 6 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-11-24 -
2024-02-22		 3 months crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google.co.jp
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
*.trvdp.com
Amazon RSA 2048 M01		 2023-07-26 -
2024-08-23		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.popin.cc
Secure Site Pro CA G2		 2023-09-27 -
2024-10-27		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2023-05-19 -
2024-06-19		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.truvidplayer.com
Amazon RSA 2048 M02		 2023-01-22 -
2024-02-20		 a year crt.sh
ad.tagtoo.co
GTS CA 1D4		 2023-11-02 -
2024-01-31		 3 months crt.sh
uec.tagtoo.co
GTS CA 1D4		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.lndata.com
GeoTrust RSA CA 2018		 2022-11-23 -
2023-12-24		 a year crt.sh
*.t.ssp.hinet.net
 2023-04-06 -
2024-04-06		 a year crt.sh
ecs.tagtoo.co
GTS CA 1D4		 2023-12-07 -
2024-03-06		 3 months crt.sh
*.treasuredata.com
Amazon RSA 2048 M01		 2023-07-16 -
2024-08-12		 a year crt.sh
*.ad-score.com
Go Daddy Secure Certificate Authority - G2		 2023-09-02 -
2024-10-03		 a year crt.sh
trace.popin.cc
GTS CA 1D4		 2023-12-11 -
2024-03-10		 3 months crt.sh
*.tagtoo.co
Go Daddy Secure Certificate Authority - G2		 2023-04-14 -
2024-05-15		 a year crt.sh

This page contains 17 frames:

Primary Page: https://reurl.cc/gaOWLp
Frame ID: 7416CF20873674594433C5B7B8ADA72E
Requests: 52 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Frame ID: 057EE1D1209B1DAA28CADDA6D23D27AB
Requests: 33 HTTP requests in this frame

Frame: https://944a600793302a39c3c2044e4be9c84d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1B6D012C1B548E8C7A8FCC08DFACE0C3
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Frame ID: 628A7FBD40EBD9F7A6508AE61F6BD176
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSyhefIfrQNBicuQP61Xx-MxeYzfc6m04qegfCJTva3iZCmFarHytPqLh6JKTyv2ybpupRgeP45jzz-3jYC7xBUdX3j0hM1uofgEQN8p6vj6tf5255GQcEFjY4v5N5cb7g4MIImstQVSnV3xQgKb76PjvNBMzuVaO8t8ANTe20dPDfyPOZyhqdGlgE5ZSKYNYAgFcBiNAxrd1nhICImrXe5N_62oQcq-A76dAHQLudup0tIJvk0HzaZ4NcwBojitZys9YTZwOR0rLwKY8fHmymTiPuxFGt_GNTrrDqyeNeN4ZumatiTnOYSiWlMP5xH08T75V5sZtLEmqzblnuF6UvO3JjeeF8ut_M_OVc0myx5G_uwvcr5wi9anNQJ4umtJMvXh_SgQ&sai=AMfl-YQcpcEYdmD6vOr-i0AFV4Fy1fslJIwlxBLUOSGLyedy_uxfNy7N7VbE-sBkjHrkxsM4KfMiiMYr8UO6mkRb6eCoYz3fgJQ8g1BbCHYucuEtkN7kufrX5V5YR-pQwSKoJNosXyzYVEZdazSwZLLA-PY&sig=Cg0ArKJSzGJVjUNHNHe8EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 8524B6FD69C0D18EAA3F53680B148175
Requests: 6 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: D8CACC51BE443B1ACFB50E5B68D5D35F
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJ-UL4VLA_xSwTgXaB_wLvoo_LgUJIgKyCq113UgjIhjy9nX93MdTC4KwCaST-OLpHIXdzpdveGh0yT_cUn3wAirgybNyTctB0mHRkcVdlnt_3QbBOfIGVQ-cPAfUxHgKOzFbq6cG2NMjoMt1Lpgf372a7SWLtjdMamzBdmfINJeZ7vwu8mOEExmcv3qF8Rg9flPe3zrgwyUr6SBNRfEfoEEgjnnarOOp1wrTCo68WxK60lqv4e8Cd1MUKJoZBLUtFf14GTmmRIeduIfiEvIFEBTXL3pREcq4ifBaD11qWRhveUbzUZU8UuDjvKDkUzHUE7BUCWXoDC0Uxc0JEePhb-VFhAufQPjOyNyhmsYJzKTwuDFDNR0ofb-uoBqwS6fF3LYthmfY&sai=AMfl-YS2beKEAoO_WMhoH-1R4s8t2NrzZ2l-OtixohCoa2fEjjeGNny1I91qK8bMI2iVBx6M9v7hYDmvilRSX2qPjYvhQARBC9JEj1LJg7Xwz4U1EOxaPDjZeooSAAmPHHJOTTDQE0HPPCD1ungMZNrj1ETS&sig=Cg0ArKJSzJO8kUmtrcVREAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 7B67BB19AE8B8B4E0BDBF9B4BA3EC186
Requests: 51 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 0776F17DA0E94E1A993DDD3016CCD48A
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEos-PttYHnGVZCPoro4mF8cTAlZJQmjnLYrFzQRgymZQZYlZSYVKUNzGOdenSjK1EpyNhRoYAjp72ts8O9VL0KfKPV71xGXJVGQBYjykhSp6AFwUO4lsr4t0-dmcqGbtT0LQw3v5SJESYuUf0SIBVIh7pGMOIB13cZtYXpUiENC71lQhsGtvm-FWODuX3QUzYPJ1JfcQfTHEjybTtgx4p1f7--1GnQ_OCg6J0zfgLtw9LdWwycWG6KfZtfAFsspM8HFVloh2jIVNdYhUQApkzjpxD0yqK3_pEUbfkcBevBSUGi7It9yCk7zZFuBNrYB576cUMN30NIqK2Vd62XzCRR8YJFIs3UsPmi5X4FsEYZXpDRavTjRR_s0eXccJIPKBHvJzJnqWQhcM&sai=AMfl-YRWhj1Vu3W1bFzeh-xUGVAup7EC4nAtNTpHtbwqyIUtM4r_q08qgUEEyMpiYjl4QGQWt1Qze90vP9mUjCzAcTBr7SAMAcMWBgSAcSa1VntmTw834S73N2jbrC1xwAB9TNeT1QgZ2mC9yqGuR-CJQ6K6&sig=Cg0ArKJSzI51aG-sSmlAEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 04EBC5D86DB7C149833463BCD6A404D3
Requests: 6 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 24392C093DC5D4F6FB24C4EFBDF477B9
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 55CD21258C5FDCB76CFF24CC5F23E344
Requests: 11 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 615826BB2B95CD342798835F38CFC677
Requests: 3 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: AC66D31399A3BAD11899A095979652EB
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 1FC53B7178F708DF0B083A1E9449E489
Requests: 1 HTTP requests in this frame

Frame: https://stg.truvidplayer.com/v5.832/prtct.php?val=f&geo=JP&timestamp=1702635625&level=0
Frame ID: 758D40ED3D0BB69C5D9D6EC4FF519A17
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6286834D3DDFD88402CD7DD51B5C27F8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EF22CE0F182733FD78B0D2F0CDB10F04
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

縮短網址產生器 - reurl

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

204
Requests

94 %
HTTPS

0 %
IPv6

44
Domains

76
Subdomains

68
IPs

5
Countries

4331 kB
Transfer

9123 kB
Size

45
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
Request Chain 123
  • https://match.adsrvr.org/track/cmf/openx?oxid=ba8eedba-8485-7e09-c2e8-9db5f6c4d3e2&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=ba8eedba-8485-7e09-c2e8-9db5f6c4d3e2&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=c3a7182d-4933-414e-bf69-8bc7679703a6&ttd_puid=ba8eedba-8485-7e09-c2e8-9db5f6c4d3e2&gdpr=0&gdpr_consent=
Request Chain 124
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXwoZ8Co5ugAAKCb5OcAAAAA
Request Chain 125
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATuUQJBd8CB-ks8AEDxkDZh4DM8AAAGMbP3Vzg
Request Chain 127
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENFMPTGQsarlBYKk5KZeVLM&google_cver=1
Request Chain 128
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 139
  • https://c.holmesmind.com/cm HTTP 302
  • https://c.holmesmind.com/cm?tc=getIn&
Request Chain 140
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEFnDKHl3zw7nFgWxhEMydj8&google_cver=1

204 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request gaOWLp
reurl.cc/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
121.130.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c74c20f069307b7268e813d5c299557c24bc681357e602efcbb808c1d4d17636

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 15 Dec 2023 10:20:22 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
target
https://cla2.cn/SpY
vary
Accept-Encoding Origin
x-request-id
764029bc-d6bd-44fc-ae9a-b25015368248
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 		152 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 15 Dec 2023 10:20:22 GMT
x-content-type-options
nosniff
content-encoding
br
age
4421988
x-jsd-version
4.3.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25648
x-served-by
cache-fra-eddf8230028-FRA, cache-nrt-rjtf7700057-NRT
x-jsd-version-type
version
etag
W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
style.css
storage.reurl.cc/stylesheets/rwd/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/stylesheets/rwd/style.css?v=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 03:33:03 GMT
content-encoding
gzip
via
1.1 google
age
24439
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
904
x-request-id
e4b3ee57-1987-49ed-ad5d-f8ba95da4ecf
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
ats.js
anymind360.com/js/9479/ 		181 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://anymind360.com/js/9479/ats.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.55 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
f6c1aa49a5666d3e6e3998ef14751062a401fb45323d3a80d7bb0afecf0b0872
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Thu, 14 Dec 2023 10:42:53 GMT
date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
85050
x-guploader-uploadid
ABPtcPqJtJomFMuhSH1LdN36GL7idXBtYdISrN0ZkRRqdykq4m6x3z2UvBSWqK8Sqs7peOUeF1I
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
43095
x-served-by
cache-tyo11954-TYO, cache-nrt-rjtf7700059-NRT
last-modified
Wed, 13 Dec 2023 09:45:54 GMT
server
UploadServer
x-timer
S1702635623.657671,VS0,VE0
etag
"e72b07c558bc8728eefd5f440f0b9622"
vary
Accept-Encoding
x-goog-generation
1702460754270910
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=8F8jdg==, md5=5ysHxVi8hyju/V9EDwuWIg==
access-control-expose-headers
Content-Type
cache-control
max-age=1200
x-goog-stored-content-length
43095
accept-ranges
bytes
x-cache-hits
1133, 13
pixel.js
storage.reurl.cc/javascripts/ 		429 B
417 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/pixel.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:14:17 GMT
content-encoding
gzip
via
1.1 google
age
18365
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
322
x-request-id
8a704508-3b1d-4548-889d-ba50427c34d7
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
ga2.js
storage.reurl.cc/javascripts/ 		536 B
637 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/ga2.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 04:10:49 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
age
22173
vary
Origin
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
536
x-request-id
45f7655c-1c11-4fae-bcbb-ed0e1fa6f6ca
js
www.googletagmanager.com/gtag/ 		284 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.206.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
98e9b23f13d3a63f282b04fc8bdb20341f7ca204070f15b5db0bc1a17538b187
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
96156
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 15 Dec 2023 10:20:22 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		90 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s29-in-f2.1e100.net
Software
cafe /
Resource Hash
eb55c0d56ac8124fa9f30df52a33f39d2ace6c26a94f755d31e829a81dd2cc61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29460
x-xss-protection
0
server
cafe
etag
133 / 19706 / m202312060101 / config-hash: 17400476758908410755
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 10:20:22 GMT
vue.min.js
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 		84 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 15 Dec 2023 10:20:22 GMT
x-content-type-options
nosniff
content-encoding
br
age
4429016
x-jsd-version
2.5.16
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
33184
x-served-by
cache-fra-eddf8230020-FRA, cache-nrt-rjtf7700057-NRT
x-jsd-version-type
version
etag
W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
renews.js
storage.reurl.cc/javascripts/ 		412 B
404 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/renews.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 09:10:24 GMT
content-encoding
gzip
via
1.1 google
age
4198
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
286
x-request-id
95aa5d9c-14c4-44af-8cdb-04f2174e1431
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
loading.js
storage.reurl.cc/javascripts/ 		134 B
229 B 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.reurl.cc/javascripts/loading.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.98.30 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
30.98.149.34.bc.googleusercontent.com
Software
/
Resource Hash
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 07:35:49 GMT
content-encoding
gzip
via
1.1 google
age
9873
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134
x-request-id
d08af940-8a2c-429f-a315-301795a55e1a
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Sep 2022 09:52:31 GMT
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*, Authorization, X-Authorization
cache-control
public,max-age=28800
access-control-allow-credentials
true
accept-ranges
bytes
page.php
www.facebook.com/plugins/ Frame 057E 		101 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
/
Resource Hash
1eef2d71c36d9939f425f08c72a774b840850d2fccc637c28dc5f43e804fdbb2
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 10:20:22 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
HhksAZJYzgzxhPbC30W4GlELkf38y/FJude8zQfbbveTY4VtBd9zr3hS/HbDNn3Xrbz9ROPnwX+vbEXbiZk+ZA==
x-xss-protection
0
feeds
storage.re-news.tw/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://storage.re-news.tw/feeds
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.196.223 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
223.196.244.35.bc.googleusercontent.com
Software
/ Express
Resource Hash
758e4595ae4f28c5c74f752c9a702e88eb257dc69040fca0252b42feecb9f13f

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:22 GMT
via
1.1 google
x-powered-by
Express
etag
W/"1be8-1cDBQeJJgHvi16cheqF0Vo8i+5Q"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://reurl.cc
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7144
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 08:42:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5853
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 15 Dec 2023 10:42:49 GMT
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 15 Dec 2023 10:20:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
Kfn4EoT8NzwZCrHYWMloINo7APbCItUL0QMQfiq5UMAxqBY7x6ppqUOA7+xKDv+QsQW9Jrg5HzHcPmF2RAF0Cg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
1675200226052423
connect.facebook.net/signals/config/ 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1675200226052423?v=2.9.138&r=stable&domain=reurl.cc
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
52ac73f3f70e5fb8aec73f2866f3549d1cacb6022b8710d6d432326571543bc0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 15 Dec 2023 10:20:22 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
33887
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
3OuW4z8xx8MzO6A+0S8I7yCYOFiR/TSOeWz09cHPNCFsey31RDRFGpqi5fC1py+bq3aMCFdDX5weUl7P5Cwlpg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
hixai_01.png
asset.re-news.tw/images/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset.re-news.tw/images/hixai_01.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.23.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.23.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
05cab1d78cce8922cfc4b520eece4d1683d78f824894060dba4174c152f44d89

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:15:06 GMT
via
1.1 google
age
316
x-guploader-uploadid
ABPtcPr_TM2n-mAKQYPKbjAtQ8vLXa3flaBNImBsIgP_pa6TtMqR160-OkKowW4W80ra_XuUiZr3QUXKTRa9sbp17sE3PaqNIYH3
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50782
last-modified
Wed, 13 Dec 2023 00:18:11 GMT
server
UploadServer
etag
"4bc4e9cf9ad6014d41500be13cd9346a"
x-goog-generation
1702426691735325
x-goog-hash
crc32c=YULtsQ==, md5=S8Tpz5rWAU1BUAvhPNk0ag==
content-type
image/png
cache-control
public,max-age=3600
x-goog-stored-content-length
50782
accept-ranges
bytes
renews-title1.png
re-news.tw/images/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://re-news.tw/images/renews-title1.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.185.136.122 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
122.136.185.35.bc.googleusercontent.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:22 GMT
last-modified
Sun, 28 Nov 2021 04:19:19 GMT
server
nginx/1.18.0 (Ubuntu)
accept-ranges
bytes
etag
"61a30347-5fad"
content-length
24493
content-type
image/png
ibm_logo.jpg
mma.prnasia.com/media2/95470/4458398/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mma.prnasia.com/media2/95470/4458398/ibm_logo.jpg?p=medium600
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.239.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
4cfb2fc5725c2717da03dfd1f68847cfd3e194b6aac29bb4630ebedf242a76eb

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:22 GMT
cf-cache-status
HIT
age
14131
x-powered-by
ASP.NET
server-timing
intid;desc=c434c77143174352
content-length
25167
cf-bgj
h2pri
last-modified
Fri, 15 Dec 2023 06:21:35 GMT
server
cloudflare
vary
*, Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
cf-ray
835df4223e3b8090-NRT
access-control-allow-headers
Content-Type
expires
Fri, 15 Dec 2023 06:21:36 GMT
2023-%E5%9B%9B%E5%A4%A7%E8%B6%85%E5%95%86%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2023/01/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creditcards.com.tw/wp-content/uploads/2023/01/2023-%E5%9B%9B%E5%A4%A7%E8%B6%85%E5%95%86%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1-1080x630.jpg?crop=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.25 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
76ef3fb13b0de7baec1b77aa515dba7fe735b8883690b1a8829e01cacf73c0aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:22 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-ac
3.nrt _atomic_bur BYPASS
content-length
69060
x-nc
HIT bur 4
last-modified
Thu, 30 Nov 2023 04:59:05 GMT
server
nginx
etag
"81b29f1fff9def21"
vary
Accept
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
expires
Sat, 29 Nov 2025 16:59:05 GMT
2023121502200385.jpg
img.racingcharger.tw/wp-content/uploads/ 		213 KB
213 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.racingcharger.tw/wp-content/uploads/2023121502200385.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
61.216.47.122 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
61-216-47-122.hinet-ip.hinet.net
Software
Apache /
Resource Hash
fd5ab52da021087bc78c866c8a8649b61d3f74e2f6273e6649892290f40ee5f4

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
last-modified
Fri, 15 Dec 2023 02:20:13 GMT
server
Apache
accept-ranges
bytes
content-length
217630
content-type
image/jpeg
1702485020-1bc27f433ebc6179b82fbe0b9a18547b-840x525.jpg
img.gbyhn.com.tw/2023/12/ 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gbyhn.com.tw/2023/12/1702485020-1bc27f433ebc6179b82fbe0b9a18547b-840x525.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.96.9 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1bd63170e4cba4a8408381a617375d2e60a2546c06adda69a9f484c73d58265

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
149569
alt-svc
h3=":443"; ma=86400
content-length
88849
last-modified
Wed, 13 Dec 2023 16:30:20 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BgfGd7NC3Q7MZXvThAt1Ky1twtO2at0v%2Bc9Q%2FXTpNJgHckgmtIlk%2BmAJfjwMYDZqrd%2F8VBiUsV6vRtRjltb1RHNIFTWTfXRusnEzSNSFCKMxOOKur28gOZDk%2BmGSGWi12HxX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
835df4223bdc6880-NRT
expires
Wed, 20 Dec 2023 16:33:36 GMT
%E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8...
www.rayskyinvest.com/wp-content/uploads/ 		612 KB
612 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.rayskyinvest.com/wp-content/uploads/%E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8C%E7%94%A8%E4%BF%A1%E7%94%A8%E5%8D%A1%E8%B2%B7%E4%B8%8B%E4%BA%BA%E7%94%9F%E7%AC%AC%E4%B8%80%E9%A1%86%E6%AF%94%E7%89%B9%E5%B9%A3-3-1140x570.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.160.17.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.17.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-proxy-cache
HIT
date
Fri, 15 Dec 2023 10:20:22 GMT
expires
Sat, 14 Dec 2024 09:25:55 GMT
last-modified
Sat, 02 Dec 2023 07:13:09 GMT
server
nginx
etag
"656ad905-98e3b"
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
626235
x-cdn-c
all
x-sg-cdn
1
file.png
static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 		248 KB
248 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.174.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-174-96.nrt57.r.cloudfront.net
Software
openresty/1.21.4.1 /
Resource Hash
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-seen-by
image-manipulator-7c76496fbd-bz6ff
date
Fri, 13 Oct 2023 11:18:20 GMT
via
1.1 google, 1.1 03b7e9f8df503f6b2ae9c8f94431c7ee.cloudfront.net (CloudFront)
server
openresty/1.21.4.1
x-amz-cf-pop
NRT57-C2
age
5439722
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
JX8ApoqKXAR_PVVRkrxqRRZcBeHd1s5eaJlzaEWWryVDyu4mkxjSvg==
content-length
253615
wix-tracer
2WhrxaKwv8p2lJNwgKmnBT7r70v
%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 		180 KB
181 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:22 GMT
strict-transport-security
max-age=31536000
x-ac
3.nrt _atomic_bur BYPASS
last-modified
Thu, 27 Apr 2023 05:06:22 GMT
server
nginx
etag
"644a02ce-2d1f7"
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
184823
expires
Fri, 22 Dec 2023 10:20:22 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1702635622767&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1702635622764.1669658210&cs_est=true&pm=1&hrl=7a1c4f&ler=empty&it=1702635622737&coo=false&cs_cc=1&rqm=GET
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 15 Dec 2023 10:20:22 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/j/ 		4 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=335571032&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2095307461&gjid=1046820269&cid=973735110.1702635623&tid=UA-102456694-1&_gid=36470138.1702635623&_r=1&_slc=1&z=2040751332
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 10:20:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=335571032&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MTk4LjEzLjM1Ljc3&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=973735110.1702635623&tid=UA-102456694-1&_gid=36470138.1702635623&z=2122979576
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s21-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 14 Dec 2023 23:12:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
40047
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/ 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s29-in-f2.1e100.net
Software
cafe /
Resource Hash
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 11:39:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
81671
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138180
x-xss-protection
0
server
cafe
etag
6854214708762155125
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 13 Dec 2024 11:39:11 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102456694-1&cid=973735110.1702635623&jid=2095307461&gjid=1046820269&_gid=36470138.1702635623&_u=IEBAAEAAAAAAACAAI~&z=874941421
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.174.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 15 Dec 2023 10:20:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
nYpzKWqvlq9.css
static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,ja_JP/ Frame 057E 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,ja_JP/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
990706829aa2bca47e97f5e8968b4cf8841c7c54c2ca26deb6be90dd62fc9310
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
nDPW/+31tCvFJ038ft3H3A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5201
reporting-endpoints
x-fb-debug
SGyv9nmKijksAFKaRzbC9Yiw5ZnAGrP/780GOi9tmDCI3IFyYbkEqTNf8N1MNIdci4UrZL37FxxL4IvLhzeMag==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 12 Dec 2024 22:12:56 GMT
V-GL57iHfEB.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/ Frame 057E 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
e68718c41ef1c23f1640623633d26706d9cc4cf198c72be002c8594f9f9efcac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mEms5HNO4RW/YAm2lY0J/Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6478
reporting-endpoints
x-fb-debug
2FKOcdFgDuplfAzBKrSPAMlkPEdd5SjrCXl6DpmH/JlmoF8nPNHoIyzH9u1yNr56lus6tEeqaFWPDLtlmhm36Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 12 Dec 2024 23:18:02 GMT
XWfJpLVtDx_.css
static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,ja_JP/ Frame 057E 		22 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y3/l/0,ja_JP/XWfJpLVtDx_.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
ad939677568b08c5be2f82a3eb6198c75a7f96b724aff7277e6fe82f110f842e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
PTlueuOjto5D6V99DNODvQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5062
reporting-endpoints
x-fb-debug
U66IzYkvORuotlJi/JudsQxE9CesP3RaKOAy1WtczPl67081rJWs7MnoiX83gzy52lSx3KHq0k0CKnOP8gsYBw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 16:39:22 GMT
LTP94XvPA2s.js
static.xx.fbcdn.net/rsrc.php/v3/yU/r/ Frame 057E 		354 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/LTP94XvPA2s.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
d8e65749a56b2ac5451d794970517649fc715938e7e65ce0d45d2380d8b53ab5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
exa45ghiiUhY/b9ztdoY1g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
93781
reporting-endpoints
x-fb-debug
b8ZSwzhut9rJRODjvAUGV0NHbhXNLhl62DGQBv3eBD42tsEEe222+tGjbamVhg1EDGsAsj103gOukmQVxNHuXA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 13 Dec 2024 23:29:12 GMT
ZvbJLvqRjQB.js
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 057E 		93 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ZvbJLvqRjQB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
970bfb4004579c73787d2f2744ce0c8c66d202ffbfd553ce318f458fdcfec5c0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
AcoVBXNEE77A/1jMZzYlSg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27054
reporting-endpoints
x-fb-debug
7y+fWAWNDzALttLCEWHJ3t+ykHFbQBa/42rebVLCflGGaCKnPJqpZmmI5vWxvV4QEIP4sQy1hfVQZmPLFkhIhQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 16:38:42 GMT
ecc9spa1308.js
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame 057E 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/ecc9spa1308.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
f276072e7a6c8d236837b6bb94ed110bb58715939479dde97a86aae4589cba78
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
j3QnMGCopCPPLhIdggoTYQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3153
reporting-endpoints
x-fb-debug
pWooLveasAIn76rf77WNNn1nVlpnl1F6zXfzxMXlXtDqobTtzdHHVcfvuFXRzzela+icchOWc9OrujNXW0BT9Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 12 Dec 2024 19:11:43 GMT
8bldmsbpAhD.js
static.xx.fbcdn.net/rsrc.php/v3/y1/r/ Frame 057E 		52 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y1/r/8bldmsbpAhD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
3bee7ba056f5c932c33bc388aa4e7f9275e1b07d11cd6aae039dd274d2c99594
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4LY6iPvdsoz2sXdsRhqtTw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16955
reporting-endpoints
x-fb-debug
LAa2r9XSJVHmcF7Is6kHx7DdAq9p28Amrqe8VFjsJY0Tx8cbRqOAqWpF/t2swH6XQaKEHFwqiiZPb81OmC2s+g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 21:53:11 GMT
p55HfXW__mM.js
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 057E 		507 B
487 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
L5E9gSgR735vyjAzTFly4g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
293
reporting-endpoints
x-fb-debug
xfgMgiKBNsgcrx1lhN/KAu5TXMhdGyZN+axJ/V6pOqhxELvn5BK6ldlta88fpUHI22PCxZ55HcaQrQzpPfRI7w==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 18:53:20 GMT
3mr-_N1X4DO.js
static.xx.fbcdn.net/rsrc.php/v3iLxq4/yi/l/ja_JP/ Frame 057E 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLxq4/yi/l/ja_JP/3mr-_N1X4DO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
5f170477597d1e3c8d780789ece124ec1f6df29aa5efe45102401af3b660030f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mjvZ5joGpic7fey1cr75Fw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7933
reporting-endpoints
x-fb-debug
RMhFp29+mLdtErZTVaPfXK7HCyxzOzmvYuec8+MY32QrhmD4371adVgFGPuSYWtE6FXbq4Qkk8/en0SdL9EBAw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 02:32:00 GMT
KudK-WKp3ZH.js
static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/ Frame 057E 		71 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
4372a9b8ce26d68f5c9a53975683bc05d3df25cf5a2e0177569f58258b6be160
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
phAMyoOpvbhoet00DvMWkg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20298
reporting-endpoints
x-fb-debug
V2nMxDNmmBVYt1ddnQGQMNaxsIehY2FpXDZoBdbSez1bMSAOcTxo6yEs5Wv3cuT6XKJ0lOXBe4a0mjapvjd4ww==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 30 Nov 2024 23:19:01 GMT
F3ylxRzKzIP.js
static.xx.fbcdn.net/rsrc.php/v3iUOk4/yq/l/ja_JP/ Frame 057E 		348 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iUOk4/yq/l/ja_JP/F3ylxRzKzIP.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
2d98213d5267f7ae207fd5d7469f0ffc82b2c1b413a0d066e1b004f200fccbab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
LSGSBavt6adw/jmnJ63Qxg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
83411
reporting-endpoints
x-fb-debug
yNWTeHaozaQqsGG5Qn2p4uvnMuKboWW56GskQCNseEwbXzpiZ8on5ALRz1TSwNCsYcIhicVLjhJOWSVnSgAN/A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 13 Dec 2024 20:51:54 GMT
TioQWlTZ3BG.js
static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/ Frame 057E 		397 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/TioQWlTZ3BG.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
f2415a5fbb844b1c2fdf48ce0bb9dfa2694a153695ca753dc5f84170b334041b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
aC8cw5hP/LLy3Ed3OJp1xQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
95634
reporting-endpoints
x-fb-debug
oLbxlQI3oDtVbvrJsptWyFdLFCxfF0/G087Hi5bym6g7yu9m4yZ03IV9hzDs3Ajl0FEGTOZTB2uYF/F0RSoXfg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 05 Dec 2024 19:24:12 GMT
J7aoe9C-4TZ.js
static.xx.fbcdn.net/rsrc.php/v3iB1C4/yR/l/ja_JP/ Frame 057E 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iB1C4/yR/l/ja_JP/J7aoe9C-4TZ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
2bd0ddcb6972531a5e93a4152a9903b859480510430ce5483008383d72f91ed2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
AWfjhjDfJZ6OWGsvInBIpw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12469
reporting-endpoints
x-fb-debug
jOwX82JYKfJRyZ6R9fIAbwFnDiFpwxBJT/85HmkCDs1jjTDuCpD1iggJ1d2qO8KPEBosec3/4TEpj9ueOzhx8A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 12 Dec 2024 19:14:03 GMT
Z2f98b5LabO.js
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ Frame 057E 		208 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/Z2f98b5LabO.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
094519e9151eb01e7ce6adcb098638de24d0cf5f9182632d0f54c65a60a09e94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Y/4hCJa7rd4EIfTCw4cMWg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
60966
reporting-endpoints
x-fb-debug
JKRicFXUZRYyvQk9zkVm89wfuaPU7h7vm2aYIq4Nxtuw1X3rCKaE3hRnhO2Ijn6TMwFg5yXL3Bw7gKZOf03EMA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 12 Dec 2024 07:50:02 GMT
EjdAug5mQIB.js
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 057E 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/EjdAug5mQIB.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
dce3a7d75903f3a00ff7b72c2b3f3e34c786c0867a1398caa5212977e721d1b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QpoZNtNrb1RRm+1fPhnrPA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7378
reporting-endpoints
x-fb-debug
UMVcWdPvWlAWKVQrbcCoxN+kSDryNg+CAbPilhMPMb8w/8dBgo3amCwilMUy7yqpMUtxKqPsaicPCSrOvnCjDA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 10 Dec 2024 06:33:46 GMT
-U6CwrkFkLw.js
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame 057E 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/-U6CwrkFkLw.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
6eafd5ec6725e90f6b921677cd3a321fb46813d8252eef1a9858c453a648b0c4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
5wlfDrXyDMlD8JmH+DbWqQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6829
reporting-endpoints
x-fb-debug
EblvZk3cztYR1/3ntU3D4kgcsVWfrtACJqxKkLhDrFx3LfPf/YnW38yAXf6Ep+EJRVmV37FVpci0VoUGo92h+g==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 16:39:22 GMT
HzxD9aAXSyD.js
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 057E 		55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
oRcNmPqvdkv3ysBSBC5rSQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
15157
reporting-endpoints
x-fb-debug
E7HEf7GE1ouopcherERCdwAkmePXk9XADW+70gW4hvK1MnxHRafsiahYIKBQckTmsCVot1DjzSp1e5hRD+1m9A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Tue, 03 Dec 2024 22:48:21 GMT
325141786_6140032619364934_7377705774471631398_n.jpg
scontent-nrt1-1.xx.fbcdn.net/v/t39.30808-6/ Frame 057E 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-nrt1-1.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=081abc&_nc_ohc=_hym2Po8y4sAX_oxm79&_nc_ht=scontent-nrt1-1.xx&edm=ADwHzz8EAAAA&oh=00_AfBJySr9NUynT3goyNK9_9RHN4gWvSOkl79BOPCdPVJ03Q&oe=65816E85
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:22 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Fri, 13 Jan 2023 04:15:10 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1433450679
thrift_fmhk
GBAVr21o7FKkUNKXKsW5IOgfFeq3uckLAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2910780274
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
16853
305964663_450890893727816_1742559653774706626_n.jpg
scontent-nrt1-1.xx.fbcdn.net/v/t39.30808-1/ Frame 057E 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-nrt1-1.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=4da83f&_nc_ohc=6DQ8whkoxpEAX8Bf3ua&_nc_ht=scontent-nrt1-1.xx&edm=ADwHzz8EAAAA&oh=00_AfAiQ8JCBSthdhsRLvOMFEGnrxpT4ZUm9dlxJu_J7WcXdQ&oe=65802E15
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language
ja-JP
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
x-storage-error-category
dfs:none;sc_p:200:WSE_NOT_SET
last-modified
Thu, 08 Sep 2022 19:16:03 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=2540016234
thrift_fmhk
GBBuInxWv/H3KKPev1vnnVEuFfDr4Z0EAA==
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
88386505
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1345
priority
u=3,i
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 05 Dec 2023 05:12:22 GMT
server
nginx
etag
W/"656eb136-aa2f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 16 Dec 2023 10:20:22 GMT
ob.js
cdn-ima.33across.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:22 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 30 Oct 2023 20:31:13 GMT
server
cloudflare
age
570208
etag
W/"65401291-2b7d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
835df423ae2aafdc-NRT
expires
Mon, 18 Dec 2023 10:20:22 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 20:29:45 GMT
content-encoding
gzip
age
913837
x-guploader-uploadid
ABPtcPov-txRzSmQTRO-Tz408XDiITKVvPNRo9Mu4E3aZKZgOTVSS2nrvbBIooMmUkM8ZWHdCPvkPanRjsnrlPSgAeT94w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Tue, 03 Dec 2024 20:29:45 GMT
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
via
1.1 google, 1.1 google
last-modified
Thu, 03 Aug 2023 03:28:51 GMT
server
Google Frontend
etag
fc4e6bfe266081c4873c6f08c8298e5c
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
9f2c8b474e6680538316aa1543a1c1e9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1207
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-16.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 22:15:15 GMT
content-encoding
gzip
via
1.1 ba1ce9c69a66256a857451734e2da0ae.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
43508
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
r82ODedXM7CN6Ss6FYoU1-su0Yvi3Qqj83spD-X67iiZXliY7-t_4g==
ads
securepubads.g.doubleclick.net/gampad/ 		168 KB
32 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1135210058710717&correlator=3024991123393547&eid=31079958%2C31079527&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847%2C13848%2C13856%2C14210&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%2C300x250&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702635622959&lmt=1702635622&adxs=245%2C1005%2C245%2C625&adys=455%2C108%2C108%2C108&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=1140x90%7C380x250%7C380x250%7C380x250&msz=1110x90%7C350x250%7C350x250%7C350x250&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&ga_vid=973735110.1702635623&ga_sid=1702635623&ga_hid=335571032&ga_fc=true&dlt=1702635622649&idt=273&cust_params=url%3D%252FgaOWLp%26ref%3Dnull&adks=81851380%2C1451399479%2C827794272%2C3242553145&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s29-in-f2.1e100.net
Software
cafe /
Resource Hash
92edda4f7c7c5f5c4c34e428e911e2abcd1b0c4b1b02c95a76f8704a8177529b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32334
x-xss-protection
0
google-lineitem-id
-1,6424070779,-1,6297900949
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,138456634296,-1,138432357881
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1135210058710717&correlator=3024991123393547&eid=31079958%2C31079527&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=21787810958%2CTW_reurl.cc_res_all_truvid_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702635622971&lmt=1702635622&adxs=1353&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=195x-1&msz=195x-1&fws=512&ohw=0&ga_vid=973735110.1702635623&ga_sid=1702635623&ga_hid=335571032&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYrKT358YxSABSAghkEhsKDDMzYWNyb3NzLmNvbRirpPfnxjFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20Yq6T358YxSABSAghkEhcKCHJ0YmhvdXNlGKyk9-fGMUgAUgIIZBIUCgVvcGVueBirpPfnxjFIAFICCGQ.&dlt=1702635622649&idt=273&cust_params=url%3D%252FgaOWLp%26ref%3Dnull&adks=3261691140&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s29-in-f2.1e100.net
Software
cafe /
Resource Hash
a7bdc71d348b7ea1e4002e75c3a4b4d12bf8666f713f451b2e541294059e6231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12505
x-xss-protection
0
google-lineitem-id
6263003938
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138428653768
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
944a600793302a39c3c2044e4be9c84d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1B6D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://944a600793302a39c3c2044e4be9c84d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 10:20:23 GMT
expires
Sat, 14 Dec 2024 10:20:23 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702635622682&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=973735110.1702635623&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702635623&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=page_view&_fv=1&_ss=1&_ee=1&tfd=483
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 10:20:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=973735110.1702635623&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
173.194.174.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
td-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 10:20:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N394QBRGC0&cid=973735110.1702635623&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1&z=628729569
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.198.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 10:20:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=973735110.1702635623&jid=2095307461&_u=IEBAAEAAAAAAACAAI~&z=1516292000
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.207.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 10:20:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.jp/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=973735110.1702635623&jid=2095307461&_u=IEBAAEAAAAAAACAAI~&z=1516292000
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.198.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 10:20:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 057E 		573 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,ja_JP/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,ja_JP/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:23 GMT
x-content-type-options
nosniff
content-md5
07aG/2AEtDHVAZ5LUajMDQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
573
reporting-endpoints
x-fb-debug
ZD3QxG4H8eTNbhHaKOzszlH4EtHKvLShzewdJeBbNtZmfDVFH+Y9gPvS5cqCqRkE52XvbU/eG5BqgT6K7eJRzw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Thu, 05 Dec 2024 21:03:22 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame 057E 		0
0
/
www.facebook.com/platform/plugin/page/logging/ Frame 057E 		955 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
/
Resource Hash
037bd36b23b3c140a57277c93ed4c586b2759f97c6d7a8bd6ebbf54d3c629e6d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
13b1uESyW68M1Y_29SCaOI
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 10:20:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
+5uLMwkNYk/oUNsoEw7FGP/UkbvqqY2pDy/4yopq1HNL7ztWLg4hmzaNvuirp6sHy6fc9tsoMoMrYPQWcwaf7w==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 057E 		955 B
664 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
/
Resource Hash
764b78f93d1b371f2a36b7987627f9b18f19fd18fea4ff6dab7c6870a288973d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
13b1uESyW68M1Y_29SCaOI
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID
129477
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
date
Fri, 15 Dec 2023 10:20:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma
no-cache
x-fb-debug
sBz0PmrY2m4Jbms0rCuWbv7KRsV0/wQaX7+X4eu0F1Pa01DHNcsGunPV/OCPTMJKYMSDG0d9dtXk4Q+a2Oy03Q==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-methods
OPTIONS
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials
true
vary
Origin, Accept-Encoding
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
syncframe
gum.criteo.com/ Frame 628A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
6c2fb26a735ec81c19e5078d61251379be634e324f416ca9e679725b318ff913
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 10:20:22 GMT
server
Kestrel
server-processing-duration-in-ticks
309421
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 057E 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:23 GMT
x-content-type-options
nosniff
content-md5
Bsv/k/2TeJemYEeLUt4www==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12027
reporting-endpoints
x-fb-debug
9K4FVCzo+HBwGo/nn3SMybjMfx6IrRqxvjei+QzmZ4nC4zuFaBocqjCD3RyBAkw11cyzeYp/iIJ8zuTN2YIBRg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Wed, 11 Dec 2024 20:21:50 GMT
xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 057E 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,ja_JP/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
ja-JP
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yk/l/0,ja_JP/nYpzKWqvlq9.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:23 GMT
x-content-type-options
nosniff
content-md5
rB4cTW8WNZcBsFntToJGtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1315
reporting-endpoints
x-fb-debug
B4HTGQ8+lgFXoP4gLeSnwqSjSEJO/Zl+YNLjxf7ZNPD8mam0snchpe5q3k9M4yU4g3+9Q+hej9DQoYa1pIm8Tg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sun, 01 Dec 2024 17:51:04 GMT
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
85 B
193 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
b6d132d4c6e689d9c18f52b97559792b709570c2da280030a19b24558cc07394

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-sFbZuCu70MOQqyVfl3w/lqDs2ls"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Fri, 15 Dec 2023 10:20:23 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://reurl.cc
location
/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
3cJdVUPPYYa.js
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 057E 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/3cJdVUPPYYa.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/LTP94XvPA2s.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
2ca9b8154eda919124700c5a189c42215aa9be89ba443d7d2fee713ed5a99ba5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
1jYr6PPRerxjrIuPgxXYYw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3454
reporting-endpoints
x-fb-debug
TdVJ+gTMcrZkxwGdyWVCLyVjPiKTTagZUAorUuzJc1z/xx3KKx/dHjvxKfKjrSAqsrNZieFCITCS3jP5Nbt9yg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Fri, 13 Dec 2024 20:51:54 GMT
mRZlwFC1QDw.js
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame 057E 		339 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/mRZlwFC1QDw.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/LTP94XvPA2s.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
3abc2cf308effad347741a64ceb2e89090062f1a1435e68b471177f87800f7e7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
2k6Ks11FVMK6XbgZRYfiYA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
74654
reporting-endpoints
x-fb-debug
9DqRwzLbZlUxhHjzF3EHVqR6HOj0iDoYMAllSW1Ofpw2PE/QVjnWlbjhNIRRqmwQCU60nsnLlQJkalKbEJXlDA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Wed, 11 Dec 2024 20:22:58 GMT
QQEU1-TaC4N.js
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 057E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/QQEU1-TaC4N.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/LTP94XvPA2s.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:23 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
uDyhM5TI+HxzvqrjM1/g4w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
898
reporting-endpoints
x-fb-debug
jZbnD5UT6OlBDFq1rVzl64XM0J8M5Jd+r/URSNlX8LsuWe1iL3rWwXYl7ADLhm2A3Y1usGOx9g4D9oEsIfRnAw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 12 Dec 2024 23:20:02 GMT
map
bcp.crwdcntrl.net/6/ 		235 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.251.47.187 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-251-47-187.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
6f0f9fc26e45915f670425ff27abc25970778edf1c64f1b95809c4439e240c36

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 10:20:23 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://reurl.cc
cache-control
no-cache
x-server
10.42.6.157
access-control-allow-credentials
true
content-length
235
expires
0
json
gum.criteo.com/sid/ Frame 628A 		441 B
560 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
d682b3479a3d8e2e6e5da9d656b693e083e96472b8164a30a8105815f34315c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
ja-JP
Referer
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 10:20:22 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2023278
expires
0
ieeHDjcGsIR.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 057E 		213 B
353 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/ieeHDjcGsIR.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/LTP94XvPA2s.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date
Fri, 15 Dec 2023 10:20:23 GMT
x-content-type-options
nosniff
content-md5
oSUZEsOZh+qyGbXjvLFs7Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
213
reporting-endpoints
x-fb-debug
PaQaxrrG/SwH/VCxoBLUJjuZVRObYZsc6u8gggjVxB+aLLJmRUd1odY1Hhf/Ee68u+Hm63Q7+IpSs0RaVwM7Eg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=1
expires
Tue, 03 Dec 2024 18:38:39 GMT
/
www.facebook.com/login/ Frame 057E 		0
0
/
www.facebook.com/login/ Frame 057E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/LTP94XvPA2s.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-nrt1.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 15 Dec 2023 10:20:23 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
wCvSAzLuqx/d7zO3FNwKGu7tx3L1+hzYMjSqkUMDc6fGsZwYax5o8ArdxSY7A8CBmgjQYVcBZvtF4Q6Kd46GZg==
x-frame-options
DENY
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 8524 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssSyhefIfrQNBicuQP61Xx-MxeYzfc6m04qegfCJTva3iZCmFarHytPqLh6JKTyv2ybpupRgeP45jzz-3jYC7xBUdX3j0hM1uofgEQN8p6vj6tf5255GQcEFjY4v5N5cb7g4MIImstQVSnV3xQgKb76PjvNBMzuVaO8t8ANTe20dPDfyPOZyhqdGlgE5ZSKYNYAgFcBiNAxrd1nhICImrXe5N_62oQcq-A76dAHQLudup0tIJvk0HzaZ4NcwBojitZys9YTZwOR0rLwKY8fHmymTiPuxFGt_GNTrrDqyeNeN4ZumatiTnOYSiWlMP5xH08T75V5sZtLEmqzblnuF6UvO3JjeeF8ut_M_OVc0myx5G_uwvcr5wi9anNQJ4umtJMvXh_SgQ&sai=AMfl-YQcpcEYdmD6vOr-i0AFV4Fy1fslJIwlxBLUOSGLyedy_uxfNy7N7VbE-sBkjHrkxsM4KfMiiMYr8UO6mkRb6eCoYz3fgJQ8g1BbCHYucuEtkN7kufrX5V5YR-pQwSKoJNosXyzYVEZdazSwZLLA-PY&sig=Cg0ArKJSzGJVjUNHNHe8EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s29-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 15 Dec 2023 10:20:23 GMT
7942.js
cnt.trvdp.com/js/1250/ Frame 8524 		535 B
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cnt.trvdp.com/js/1250/7942.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.172.52.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-52-87.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 10 Oct 2023 04:28:17 GMT
via
1.1 bd9de9aa9985e33927fc929a35369438.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 15:54:16 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-P2
age
5723527
etag
"f229c3a6991d60be41be6d40e220701e"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
535
x-amz-cf-id
GiwISY5pcSe5_MUP7ZENCvGArOlqqd2m9DXVE661AqpvtR6X6YaMvg==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8524 		203 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 10:20:23 GMT
7942.js
go.trvdp.com/init/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.trvdp.com/init/7942.js
Requested by
Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1250/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.65.185.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-65-185-40.nrt57.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 16:21:32 GMT
via
1.1 c840859ec974616ca6ae517a4e6900e8.cloudfront.net (CloudFront)
last-modified
Sat, 25 Mar 2023 08:02:02 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P2
age
19936732
etag
"cec9f63f120ca9bc6868582a79e6b514"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
binary/octet-stream
accept-ranges
bytes
content-length
5845
x-amz-cf-id
sCNL9eRg1W9RG0UtL2QdA-NRHlMoPl9B8_dsQxh4lqlx01UYrFRPkA==
bz
www.facebook.com/ajax/ Frame 057E 		0
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame D8CA 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.220.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s17-in-f1.1e100.net
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 20:40:31 GMT
age
567592
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Dec 2024 20:40:31 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame D8CA 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.220.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s17-in-f1.1e100.net
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 15 Dec 2023 07:03:24 GMT
age
11819
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 14 Dec 2024 07:03:24 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame D8CA 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.220.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s17-in-f1.1e100.net
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 15 Dec 2023 07:09:02 GMT
age
11481
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 14 Dec 2024 07:09:02 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame D8CA 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.220.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s17-in-f1.1e100.net
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 15 Dec 2023 07:11:40 GMT
age
11323
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 14 Dec 2024 07:11:40 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame D8CA 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.220.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s17-in-f1.1e100.net
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 15 Dec 2023 07:05:45 GMT
age
11678
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 14 Dec 2024 07:05:45 GMT
css
fonts.googleapis.com/ Frame D8CA 		476 B
678 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C700&text=o%E3%81%A8%E9%85%92D%E7%B4%B0%E6%A5%BD%E5%BF%AB%E8%A9%B3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.161.74 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s09-in-f10.1e100.net
Software
ESF /
Resource Hash
6fff16c8d8e2d8e5a5fa52c6b0878a7875136cec9002c58b73dc258685b30335
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 15 Dec 2023 10:20:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 15 Dec 2023 10:20:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 15 Dec 2023 10:20:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7B67 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJ-UL4VLA_xSwTgXaB_wLvoo_LgUJIgKyCq113UgjIhjy9nX93MdTC4KwCaST-OLpHIXdzpdveGh0yT_cUn3wAirgybNyTctB0mHRkcVdlnt_3QbBOfIGVQ-cPAfUxHgKOzFbq6cG2NMjoMt1Lpgf372a7SWLtjdMamzBdmfINJeZ7vwu8mOEExmcv3qF8Rg9flPe3zrgwyUr6SBNRfEfoEEgjnnarOOp1wrTCo68WxK60lqv4e8Cd1MUKJoZBLUtFf14GTmmRIeduIfiEvIFEBTXL3pREcq4ifBaD11qWRhveUbzUZU8UuDjvKDkUzHUE7BUCWXoDC0Uxc0JEePhb-VFhAufQPjOyNyhmsYJzKTwuDFDNR0ofb-uoBqwS6fF3LYthmfY&sai=AMfl-YS2beKEAoO_WMhoH-1R4s8t2NrzZ2l-OtixohCoa2fEjjeGNny1I91qK8bMI2iVBx6M9v7hYDmvilRSX2qPjYvhQARBC9JEj1LJg7Xwz4U1EOxaPDjZeooSAAmPHHJOTTDQE0HPPCD1ungMZNrj1ETS&sig=Cg0ArKJSzJO8kUmtrcVREAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s29-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
cf_reurl_tw_gam.js
api.popin.cc/searchbox/ Frame 7B67 		127 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
4cff4212145b681f769f38c90dcef6433f17863f418f00c2881fe547cd86c4c8

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 10:20:23 GMT
x-amz-version-id
x576D8ghAo5I3B80CIB9Fbt0lijiRrZk
Content-Encoding
gzip
x-amz-server-side-encryption
AES256
X-Cache-Status
HIT from 10.252.55.25
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Last-Modified
Thu, 14 Dec 2023 02:54:01 GMT
Server
nginx
ETag
W/"12f285eff7a5f00bc0a281fdf048ac61"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Timing-Allow-Origin
*
Expires
Fri, 15 Dec 2023 11:20:23 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7B67 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 10:20:23 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D8CA 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 07:13:25 GMT
x-content-type-options
nosniff
server
cafe
age
11218
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Sat, 16 Dec 2023 07:13:25 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D8CA 		344 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 19:42:57 GMT
x-content-type-options
nosniff
server
cafe
age
52646
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 15 Dec 2023 19:42:57 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 0776 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.220.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s17-in-f1.1e100.net
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 08 Dec 2023 20:40:31 GMT
age
567592
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Dec 2024 20:40:31 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 0776 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.220.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s17-in-f1.1e100.net
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 15 Dec 2023 07:03:24 GMT
age
11819
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 14 Dec 2024 07:03:24 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 0776 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.220.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s17-in-f1.1e100.net
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 15 Dec 2023 07:09:02 GMT
age
11481
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 14 Dec 2024 07:09:02 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 0776 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.220.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s17-in-f1.1e100.net
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 15 Dec 2023 07:11:40 GMT
age
11323
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 14 Dec 2024 07:11:40 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 0776 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.220.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s17-in-f1.1e100.net
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 15 Dec 2023 07:05:45 GMT
age
11678
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 14 Dec 2024 07:05:45 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0776 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 07:13:25 GMT
x-content-type-options
nosniff
server
cafe
age
11218
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Sat, 16 Dec 2023 07:13:25 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0776 		344 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 19:42:57 GMT
x-content-type-options
nosniff
server
cafe
age
52646
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 15 Dec 2023 19:42:57 GMT
truncated
/ Frame 0776 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e8d0aae7148408df4d2472412cb912ad28f6511bfd5a765b2f0b806fdf54c581

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 04EB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEos-PttYHnGVZCPoro4mF8cTAlZJQmjnLYrFzQRgymZQZYlZSYVKUNzGOdenSjK1EpyNhRoYAjp72ts8O9VL0KfKPV71xGXJVGQBYjykhSp6AFwUO4lsr4t0-dmcqGbtT0LQw3v5SJESYuUf0SIBVIh7pGMOIB13cZtYXpUiENC71lQhsGtvm-FWODuX3QUzYPJ1JfcQfTHEjybTtgx4p1f7--1GnQ_OCg6J0zfgLtw9LdWwycWG6KfZtfAFsspM8HFVloh2jIVNdYhUQApkzjpxD0yqK3_pEUbfkcBevBSUGi7It9yCk7zZFuBNrYB576cUMN30NIqK2Vd62XzCRR8YJFIs3UsPmi5X4FsEYZXpDRavTjRR_s0eXccJIPKBHvJzJnqWQhcM&sai=AMfl-YRWhj1Vu3W1bFzeh-xUGVAup7EC4nAtNTpHtbwqyIUtM4r_q08qgUEEyMpiYjl4QGQWt1Qze90vP9mUjCzAcTBr7SAMAcMWBgSAcSa1VntmTw834S73N2jbrC1xwAB9TNeT1QgZ2mC9yqGuR-CJQ6K6&sig=Cg0ArKJSzI51aG-sSmlAEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s29-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
init.js
cdn.holmesmind.com/js/ Frame 04EB 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/init.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-3.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date
Fri, 15 Dec 2023 10:20:23 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Wed, 15 Nov 2023 00:04:29 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
13
x-amz-server-side-encryption
AES256
etag
"2b18447e41c64d14195cefd72eb57400"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
9645
x-amz-cf-id
hPprr53zT-Q-Re1Imi5_YiEeiHodelat-f89INvZmiPNM3BUo2qw3A==
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 04EB 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Dec 2023 10:20:23 GMT
5512864076162600209
tpc.googlesyndication.com/simgad/ Frame 0776 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5512864076162600209?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkAjd2uwGkBOMx7tCuWRDw0fmXFyg
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
sffe /
Resource Hash
fdfb2e2bb687472d594ec75115f6fe8bf498e8b21a3cfe794b965a81c362f425
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 15:11:16 GMT
x-content-type-options
nosniff
age
68947
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29271
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 07:38:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Dec 2024 15:11:16 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/5799871290814449174/ Frame D8CA 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5799871290814449174/14763004658117789537?w=195&h=102&tw=1&q=75
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
sffe /
Resource Hash
6c94aa17634aec5b96dbd4b061fbdc15dd95152449167fb0b61e4ba74224f573
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Sat, 14 Dec 2024 07:15:09 GMT
date
Fri, 15 Dec 2023 07:15:09 GMT
x-content-type-options
nosniff
age
11114
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6578
x-xss-protection
0
last-modified
Fri, 16 Dec 2022 06:29:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
14763004658117789537
tpc.googlesyndication.com/simgad/17847321331090812019/ Frame D8CA 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17847321331090812019/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
sffe /
Resource Hash
91098ce09c5b18dbfef38102f3ebb8fb8fa7c4bcdf2aaf50324dfa9378f57bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Fri, 13 Dec 2024 23:43:44 GMT
date
Thu, 14 Dec 2023 23:43:44 GMT
x-content-type-options
nosniff
age
38199
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1991
x-xss-protection
0
last-modified
Thu, 26 Jan 2023 09:59:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame D8CA 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b24874f19ca4d89a153e31a2593b10f8bce455aa885ed7fdc14d46ffa245fe27

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
pd
google-bidout-d.openx.net/w/1.0/ Frame 2439 		484 B
722 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7f9bccc769774a7d85aa077bf15afdc4957d97bf48a2faf1878975e2c18c49ea

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
307
content-type
text/html
date
Fri, 15 Dec 2023 10:20:23 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
p.php
stg.truvidplayer.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/p.php?sid=1250&wid=7942&cb=214.29904481360174&pid=5434&url=https%3A%2F%2Freurl.cc%2FgaOWLp
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-119.nrt12.r.cloudfront.net
Software
nginx /
Resource Hash
ceddce623458efca1b3b4cc5a8a04d84e70823af209d3825e528f89a51f60d46

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:24 GMT
content-encoding
gzip
via
1.1 3230a3d42078a094780d1894002fcfd4.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
NRT12-C2
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
https://reurl.cc
access-control-allow-credentials
true
x-amz-cf-id
OW4qHaCCMIl1gZbAgVU6bbbBInYFW4YK7QVuMW54LHFxrjP0vEMtVg==
td_js_sdk_171.js
api.popin.cc/ Frame 7B67 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/td_js_sdk_171.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 10:20:23 GMT
x-amz-version-id
null
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2018 09:42:51 GMT
Server
nginx
ETag
W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status
HIT from 10.252.55.25
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Fri, 15 Dec 2023 11:20:23 GMT
recommend
tw.popin.cc/popin_discovery/ Frame 7B67 		29 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tw.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Freurl.cc%2FgaOWLp&&device=pc&media=reurl.cc&extra=windows&agency=popinag&topn=50&ad=10&r_category=all&country=tw&redirect=true&uid=12dd16c9e2dd55415b91702603223636&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSIsInVzZXJfdGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidXNlcl90ZF92aWV3cG9ydCI6IjMwMHgyNTAiLCJ1c2VyX3RkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsInVzZXJfdGRfcmVmZXJyZXIiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsInVzZXJfdGRfcGF0aCI6Ii9nYU9XTHAiLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiIiwidXNlcl90ZF91cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsInVzZXJfdGRfcGxhdGZvcm0iOiJXaW4zMiIsInVzZXJfdGRfaG9zdCI6InJldXJsLmNjIiwidXNlcl9kZXZpY2UiOiJwYyIsInVzZXJfdGltZSI6MTcwMjYzNTYyMzYzNywiZnJ1aXRfYm94X3Bvc2l0aW9uIjoiIiwiZnJ1aXRfc3R5bGUiOiIifQ==&alg=ltr&callback=_p6_9ada93272498
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
b2dc63cfd50e02d0256033b0cb7c97c44830fff6a2dec2fc92abf0bbadf1c5e1

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
content-encoding
gzip
cross-origin-resource-policy
cross-origin
server
nginx/1.13.5
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
track.js
ad.tagtoo.co/media/ad/ Frame 7B67 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.tagtoo.co/media/ad/track.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.12.34 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.12.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d20139c9138e849d5f5935bcc482be2b21e43ae116ff4950ed4e5c89dba0184b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 09:57:27 GMT
content-encoding
gzip
via
1.1 google
age
1376
x-guploader-uploadid
ABPtcPrttsGwNWc54Y5sxYhnbLVf1gtCR4EVf7hF3cReJlhXUYu0yRnXb70m9yo6d3kplJkLs-Inn6DMse-H7lV9fkSJBw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1808
last-modified
Fri, 15 Dec 2023 09:41:13 GMT
server
UploadServer
etag
"272774bfd4f8b5a5c78ce82870cc19bf"
vary
Accept-Encoding
x-goog-generation
1702633273480157
x-goog-hash
crc32c=YlJkQQ==, md5=Jyd0v9T4taXHjOgocMwZvw==
access-control-allow-origin
*
access-control-expose-headers
Content-Type,Access-Control-Allow-Origin
cache-control
public, max-age=3600
x-goog-stored-content-length
1808
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
expires
Fri, 15 Dec 2023 10:57:27 GMT
tuec.js
uec.tagtoo.co/ Frame 7B67 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uec.tagtoo.co/tuec.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.150.21 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
21.150.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
698fe0a6500f771d98d1ca713a5445d523fac649207572b69123699702854c0b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 09:31:48 GMT
content-encoding
gzip
age
2915
x-guploader-uploadid
ABPtcPoiM0C4OpXTpQlbGaRlGHaog12q45zRtSyXdm0QgtSQ6vJrrx0oWWQ8UDKDFnS19LtmLcWXP8UqebVjzohOhckq
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3770
last-modified
Tue, 12 Dec 2023 09:08:46 GMT
server
UploadServer
etag
"2fa133db50cd81d87b8ffb8729a6ab35"
vary
Accept-Encoding
x-goog-generation
1702372126688115
x-goog-hash
crc32c=IxwxIw==, md5=L6Ez21DNgdh7j/uHKaarNQ==
content-type
application/javascript
cache-control
public,max-age=3600
x-goog-stored-content-length
3770
accept-ranges
bytes
popin_discovery5-min.js
api.popin.cc/ Frame 7B67 		156 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/popin_discovery5-min.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
2c78537370db283e881520b103a2f8198613f89d54eaa13dd566137d029c8fc5

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 10:20:23 GMT
x-amz-version-id
Ob3Rg3l4X4hYCDKCZi4TBB1j2gDUvWNq
Content-Encoding
gzip
x-amz-server-side-encryption
AES256
X-Cache-Status
HIT from 10.252.55.25
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Last-Modified
Thu, 14 Dec 2023 10:19:50 GMT
Server
nginx
ETag
W/"7f4851f932ed60220942b1f8c3704083"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Timing-Allow-Origin
*
Expires
Fri, 15 Dec 2023 11:20:23 GMT
discoverylogs
log.popin.cc/log/popin_media/ Frame 7B67 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoicmV1cmwuY2MiLCJ1cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsImxvYyI6Imh0dHBzOi8vcmV1cmwuY2MvZ2FPV0xwIiwidGRfb3MiOiJXaW5kb3dzIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2IiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMjAuMC42MDk5In0=&t=1702635623639
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
discoverylogs
log.popin.cc/log/popin_media/ Frame 7B67 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InJldXJsLmNjIiwidXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJ1aWQiOiIxMmRkMTZjOWUyZGQ1NTQxNWI5MTcwMjYwMzIyMzYzNiIsInRkX3RpdGxlIjoiIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjYsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiJ9&t=1702635623642
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
font
fonts.gstatic.com/l/ Frame D8CA 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxoeljiGBkLwq3KGaiYVYgTXEXN-5Cw&skey=72472b0eb8793570&v=v52
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C700&text=o%E3%81%A8%E9%85%92D%E7%B4%B0%E6%A5%BD%E5%BF%AB%E8%A9%B3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.196.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s35-in-f3.1e100.net
Software
ESF /
Resource Hash
7f636545bfe60be8f60da5ca8c14329df87a55f9c091eaa84ac3f6508fefb00d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://reurl.cc
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 00:10:32 GMT
x-content-type-options
nosniff
age
36591
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3980
x-xss-protection
0
last-modified
Tue, 02 May 2023 23:59:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
expires
Fri, 15 Dec 2023 00:10:32 GMT
capmapping.htm
cdn.holmesmind.com/js/ Frame 55CD 		10 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/capmapping.htm
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-3.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
42
content-length
9921
content-type
text/html
date
Fri, 15 Dec 2023 10:20:13 GMT
etag
"d9100a146ee339f43d0752ef9c998a0d"
last-modified
Tue, 17 Oct 2023 03:41:19 GMT
server
AmazonS3
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
x-amz-cf-id
V7JsfKYxHaY6XQQHV7xbzIMe8GBfYPkFOnfyO05gFla4VaTGxXh8Mg==
x-amz-cf-pop
NRT20-C2
x-amz-server-side-encryption
AES256
x-amz-version-id
TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache
Hit from cloudfront
presetfn.js
cdn.holmesmind.com/js/ Frame 6158 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-3.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date
Fri, 15 Dec 2023 10:20:09 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Mon, 04 Dec 2023 05:41:00 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
54
x-amz-server-side-encryption
AES256
etag
"f4a52d8d8c27ce73cc789edbfef51e62"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
10828
x-amz-cf-id
fyNWOvpQRScmxFEaGqWqVgK3JSbIs4iiUCu4QMy3xILEFE50zbjx4Q==
truncated
/ Frame 8524 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e7784a4ac217e81bfc78060c55fe542fcf2b26eb5ce28d0513805593bb6b624

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 8524 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZ2VdJy9yLxwoGsSj_1QdIPqjUT2lJEHbFeXTuGCb73gAhS0kw9w080xBSqL3jdy5E8dal9y--gWiSFTy94vUCiNPoD8fqiJgGlnKlXYW3eb3SLYRdG9LmH0pn6ATRRGNZhzngL6JbvjN3rqjJqfvzbAuPLKnNZfeMReZCT0G-_IITmbckimXyia__wX3KrWCFDFDtCkPgec5H-ySDQX4yz4x1DrBlDU0uo8zCeAU8EbyQ0A7f4OO1EriSSFANsFC_wWV232a43jWtIJJkaRXR2r9OZpQ2J3eqCHr5iycP-ASAoRt9-2vl77YPcaLdtyOkRNO76czHOT6_paZyaKsTkaoyUJcH5n5y0ZpvOkyDvCRE0k5VNBxCvmSR5HWhBfa765Gdg6_L&sai=AMfl-YT-zionu9Cf1Daijcb6ZuLAnWkthPwvteGac50FC1bb40vZVyOu7MutVvixYNWAXm9fIZh2e7xH7xpBh8HMT0Pb6xqQpYRdzzsQs3YqoRtmsSKonNx9gXzuwUoTN7i98cHupQCRDMyJwgl8GxcmPRc&sig=Cg0ArKJSzLBuG1UAKGByEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s29-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 15 Dec 2023 10:20:23 GMT
truncated
/ Frame 7B67 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb355af5899b88aa60cd1ee8e1cc49e85e44b4c19164cb440e70387096c355cd

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
sd
us-u.openx.net/w/1.0/ Frame 2439
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=ba8eedba-8485-7e09-c2e8-9db5f6c4d3e2&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=ba8eedba-8485-7e09-c2e8-9db5f6c4d3e2&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=c3a7182d-4933-414e-bf69-8bc7679703a6&ttd_puid=ba8eedba-8485-7e09-c2e8-9db5f6c4d3e2&gdpr=0&gdpr_consent=
43 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=c3a7182d-4933-414e-bf69-8bc7679703a6&ttd_puid=ba8eedba-8485-7e09-c2e8-9db5f6c4d3e2&gdpr=0&gdpr_consent=
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 10:20:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=c3a7182d-4933-414e-bf69-8bc7679703a6&ttd_puid=ba8eedba-8485-7e09-c2e8-9db5f6c4d3e2&gdpr=0&gdpr_consent=
date
Fri, 15 Dec 2023 10:20:23 GMT
server
Kestrel
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 2439
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXwoZ8Co5ugAAKCb5OcAAAAA
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXwoZ8Co5ugAAKCb5OcAAAAA
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 10:20:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Fri, 15 Dec 2023 10:20:23 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"198.13.35.77","key":"ZXwoZ8Co5ugAAKCb5OcAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad429"}
X-SO-Key
ZXwoZ8Co5ugAAKCb5OcAAAAA
Server
nginx
X-SO-Upstream-ID
m-ad429
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXwoZ8Co5ugAAKCb5OcAAAAA
Cache-Control
private
X-SO-HostName
m-ad429.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
1
Content-Length
0
X-SO-LB-Hostname
a-tgng40017.dc2p.scaleout.jp
X-SO-IP
198.13.35.77
sd
jp-u.openx.net/w/1.0/ Frame 2439
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATuUQJBd8CB-ks8AEDxkDZh4DM8AAAGMbP3Vzg
43 B
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATuUQJBd8CB-ks8AEDxkDZh4DM8AAAGMbP3Vzg
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 10:20:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Dec 2023 10:20:23 GMT
via
1.1 0fdd05f152588a84969bff9452442f70.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
NRT57-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=ATuUQJBd8CB-ks8AEDxkDZh4DM8AAAGMbP3Vzg
cache-control
no-cache
content-length
0
x-amz-cf-id
XxFn72vHfbKbe88O9HaWDQjq77G8zRKdxsw4dgQdzTHqG2uMXt5NQg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 2439 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OTZlMTNlNzAtNGRmMi0yMGFkLWQ3MDgtYzcwYzNjMjYxZDgy
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s20-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 10:20:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2439
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENFMPTGQsarlBYKk5KZeVLM&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENFMPTGQsarlBYKk5KZeVLM&google_cver=1
Requested by
Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
ja-JP
Referer
https://google-bidout-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 10:20:23 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Dec 2023 10:20:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENFMPTGQsarlBYKk5KZeVLM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0776
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Server
142.251.222.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s71-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date
Fri, 15 Dec 2023 10:20:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
5512864076162600209
tpc.googlesyndication.com/simgad/ Frame 0776 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5512864076162600209?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkAjd2uwGkBOMx7tCuWRDw0fmXFyg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
sffe /
Resource Hash
fdfb2e2bb687472d594ec75115f6fe8bf498e8b21a3cfe794b965a81c362f425
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 15:11:16 GMT
x-content-type-options
nosniff
age
68947
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29271
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 07:38:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 13 Dec 2024 15:11:16 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0776 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 07:13:25 GMT
x-content-type-options
nosniff
server
cafe
age
11218
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Sat, 16 Dec 2023 07:13:25 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0776 		344 B
402 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 14 Dec 2023 19:42:57 GMT
x-content-type-options
nosniff
server
cafe
age
52646
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Fri, 15 Dec 2023 19:42:57 GMT
truncated
/ Frame 04EB 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc4fc490cd4de8d904a7f92cb76eff153ce8fe29c95e6a2ef34f1e4c5653f68a

Request headers

accept-language
ja-JP
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
/
cm.lndata.com/ Frame 55CD 		35 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software
TornadoServer/1.2.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 15 Dec 2023 10:20:24 GMT
Server
TornadoServer/1.2.1
Connection
keep-alive
Etag
"0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length
35
P3P
CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
fp
cm-dev-poc.holmesmind.com/ Frame AC66 		0
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.11.114 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-11-114.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Dec 2023 10:20:23 GMT
server
nginx/1.18.0 (Ubuntu)
cm.php
fcm.holmesmind.com/ Frame 1FC5 		39 B
182 B 		Document
General
Check archive.org
Download Go to
Full URL
https://fcm.holmesmind.com/cm.php
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
231.67.95.34.bc.googleusercontent.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer
https://cdn.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39
content-type
text/html; charset=UTF-8
date
Fri, 15 Dec 2023 10:20:26 GMT
server
Apache/2.4.29 (Ubuntu)
via
1.1 google
cm.js
fcm2.holmesmind.com/ Frame 55CD 		409 B
632 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fcm2.holmesmind.com/cm.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.112.169.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-112-169-241.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 15 Dec 2023 10:20:23 GMT
server
nginx/1.18.0 (Ubuntu)
content-type
application/javascript; charset=utf-8
utag.js
t.ssp.hinet.net/ Frame 55CD 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 15 Dec 2023 10:30:23 GMT
fp
cm-dev-poc.holmesmind.com/ Frame 55CD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-dev-poc.holmesmind.com/fp
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.113.11.114 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-113-11-114.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
cm
c.holmesmind.com/ Frame 55CD
Redirect Chain
  • https://c.holmesmind.com/cm
  • https://c.holmesmind.com/cm?tc=getIn&
0
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.holmesmind.com/cm?tc=getIn&
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
93.76.201.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:24 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=UTF-8

Redirect headers

date
Fri, 15 Dec 2023 10:20:23 GMT
via
1.1 google
server
nginx/1.10.3 (Ubuntu)
x-powered-by
PHP/7.0.18-0ubuntu0.17.04.1
content-type
text/html; charset=UTF-8
location
https://c.holmesmind.com/cm?tc=getIn&
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
google
m.holmesmind.com/ml/ Frame 55CD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
  • https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEFnDKHl3zw7nFgWxhEMydj8&google_cver=1
0
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEFnDKHl3zw7nFgWxhEMydj8&google_cver=1
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Server
35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
156.249.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
x-guploader-uploadid
ABPtcPoLheO9GfVxD3Mq7b4qz40p28PhT_4oovkoYz8vjxWSh6ePtDZcus1kFgI-NBLzCTza1CNz2zP9V-mSlfpHX-ZREQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
last-modified
Wed, 21 Feb 2018 07:36:41 GMT
server
UploadServer
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation
1519198601160228
content-type
image/png
x-goog-hash
crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control
public, max-age=3600
x-goog-stored-content-length
0
accept-ranges
bytes
expires
Fri, 15 Dec 2023 11:20:23 GMT

Redirect headers

pragma
no-cache
date
Fri, 15 Dec 2023 10:20:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEFnDKHl3zw7nFgWxhEMydj8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
328
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Preset.js
ad.holmesmind.com/adserver/ Frame 6158 		1 KB
673 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.103.101 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-103-101.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
https://reurl.cc
date
Fri, 15 Dec 2023 10:20:23 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
js-md5.js
cdn.holmesmind.com/js/ Frame 6158 		30 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.holmesmind.com/js/js-md5.js
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.126.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-126-3.nrt20.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date
Fri, 15 Dec 2023 10:20:23 GMT
via
1.1 49d76082c676e546e46736f5331f9cb2.cloudfront.net (CloudFront)
last-modified
Tue, 14 Nov 2023 14:04:56 GMT
server
AmazonS3
x-amz-cf-pop
NRT20-C2
age
13
x-amz-server-side-encryption
AES256
etag
"ab3f6a2aedec7585237d5fb727bebcbb"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30621
x-amz-cf-id
JAaPPCno3jz8q_yWnz__o0BF0S4pDvHDBqJDNyzr3UHDWj_bI_BW4w==
3134.js
ecs.tagtoo.co/js/ Frame 7B67 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecs.tagtoo.co/js/3134.js
Requested by
Host: ad.tagtoo.co
URL: https://ad.tagtoo.co/media/ad/track.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.218.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a58a1ad132f9f6b359f0f52e7a9694db949d8b4d9cd0f1f1c2cd746294cd41c0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 09:37:06 GMT
content-encoding
gzip
age
2597
x-guploader-uploadid
ABPtcPqK1KbKUICTNT7GvhNfGvEGQ_QcaLLWmEct3Q39b6DYvRx34_do4gwSTvIthsweoZ64N6kU5XvWM9wnpUQceGCzAShkDnUz
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20110
last-modified
Wed, 06 Dec 2023 04:54:12 GMT
server
UploadServer
etag
"c850b80896c41c8272295a934e2f4145"
vary
Accept-Encoding
x-goog-generation
1701838452348554
x-goog-hash
crc32c=Lcx2rw==, md5=yFC4CJbEHIJyKVqTTi9BRQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
cache-control
public, max-age=5400
x-goog-stored-content-length
20110
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
expires
Fri, 15 Dec 2023 11:07:06 GMT
adlogs
in.treasuredata.com/js/v3/event/popin_ads/ Frame 7B67 		89 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1702635623915&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6ImJhbm5lci0zeDEiLCJ0aW1lX3Nob3dfc2Vjb25kcyI6MCwicmVxdWVzdF9hZCI6MTAsImRtZiI6Im0iLCJyZXNwb25zZV9hZCI6MTAsInNtamFkIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InJldXJsLmNjIiwidXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJnZW9fY291bnRyeSI6InR3IiwibG9naWQiOiIwZWMyM2Q0Mi1kNzdhLTQ4YjYtODkyMC05ZjQ5NzhkM2RjZTgiLCJ1aWQiOiIxMmRkMTZjOWUyZGQ1NTQxNWI5MTcwMjYwMzIyMzYzNiIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjRmMTVhNDkwLWU0ZWEtNGFjOC1hODQyLTc1MGEwYjU2MTY2MCIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMzAweDI1MCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMTA5IFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6InJldXJsLmNjIiwidGRfcGF0aCI6Ii9nYU9XTHAiLCJ0ZF9yZWZlcnJlciI6Imh0dHBzOi8vcmV1cmwuY2MvZ2FPV0xwIiwidGRfaXAiOiJ0ZF9pcCIsInRkX2Jyb3dzZXIiOiJ0ZF9icm93c2VyIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoidGRfYnJvd3Nlcl92ZXJzaW9uIiwidGRfb3MiOiJ0ZF9vcyIsInRkX29zX3ZlcnNpb24iOiJ0ZF9vc192ZXJzaW9uIiwiY2xpZW50X2lkIjoiNGYxNWE0OTAtZTRlYS00YWM4LWE4NDItNzUwYTBiNTYxNjYwIiwiY2F0ZWdvcnkiOiIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback0
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
57.181.98.169 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-181-98-169.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

P3P
CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date
Fri, 15 Dec 2023 10:20:23 GMT
Strict-Transport-Security
max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
89
Content-Type
application/javascript
logo.png
api.popin.cc/images/ Frame 7B67 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.popin.cc/images/logo.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 10:20:23 GMT
x-amz-version-id
null
Last-Modified
Tue, 02 Apr 2019 12:00:56 GMT
Server
nginx
ETag
"b10c5c3579ba2dba39fd2804188dc3f1"
X-Cache-Status
HIT from 10.252.55.25
Content-Type
image/png
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
2316
Expires
Fri, 15 Dec 2023 11:20:23 GMT
discoverylogs
log.popin.cc/log/popin_media/ Frame 7B67 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoxLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InJldXJsLmNjIiwidXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJ1aWQiOiIxMmRkMTZjOWUyZGQ1NTQxNWI5MTcwMjYwMzIyMzYzNiIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjRmMTVhNDkwLWU0ZWEtNGFjOC1hODQyLTc1MGEwYjU2MTY2MCIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMzAweDI1MCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMTA5IFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6InJldXJsLmNjIiwidGRfcGF0aCI6Ii9nYU9XTHAiLCJ0ZF9yZWZlcnJlciI6Imh0dHBzOi8vcmV1cmwuY2MvZ2FPV0xwIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEyMC4wLjYwOTkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiNGYxNWE0OTAtZTRlYS00YWM4LWE4NDItNzUwYTBiNTYxNjYwIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1702635623911
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
adlogs
log.popin.cc/log/popin_ads/ Frame 7B67 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwiY2hhbm5lbF9pZCI6ImJhbm5lci0zeDEiLCJ0aW1lX3Nob3dfc2Vjb25kcyI6MCwicmVxdWVzdF9hZCI6MTAsImRtZiI6Im0iLCJyZXNwb25zZV9hZCI6MTAsInNtamFkIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InJldXJsLmNjIiwidXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJnZW9fY291bnRyeSI6InR3IiwibG9naWQiOiIwZWMyM2Q0Mi1kNzdhLTQ4YjYtODkyMC05ZjQ5NzhkM2RjZTgiLCJ1aWQiOiIxMmRkMTZjOWUyZGQ1NTQxNWI5MTcwMjYwMzIyMzYzNiIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjRmMTVhNDkwLWU0ZWEtNGFjOC1hODQyLTc1MGEwYjU2MTY2MCIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMzAweDI1MCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMTA5IFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6InJldXJsLmNjIiwidGRfcGF0aCI6Ii9nYU9XTHAiLCJ0ZF9yZWZlcnJlciI6Imh0dHBzOi8vcmV1cmwuY2MvZ2FPV0xwIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEyMC4wLjYwOTkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiNGYxNWE0OTAtZTRlYS00YWM4LWE4NDItNzUwYTBiNTYxNjYwIiwiY2F0ZWdvcnkiOiIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1702635623915
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
s.gif
r.popin.cc/ Frame 7B67 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Freurl.cc%2FgaOWLp&uid=12dd16c9e2dd55415b91702603223636&type=pc_pv&nid=pc&media=reurl.cc&r5=cc_NONE&t=1702635623916&tz=tw
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
last-modified
Thu, 29 Aug 2019 01:24:26 GMT
server
nginx
etag
"5d67294a-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
discoverylogs
log.popin.cc/log/popin_media/ Frame 7B67 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoicmV1cmwuY2MiLCJ1cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsImdlb19jb3VudHJ5IjoidHciLCJsb2dpZCI6IjBlYzIzZDQyLWQ3N2EtNDhiNi04OTIwLTlmNDk3OGQzZGNlOCIsInVpZCI6IjEyZGQxNmM5ZTJkZDU1NDE1YjkxNzAyNjAzMjIzNjM2IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiNGYxNWE0OTAtZTRlYS00YWM4LWE4NDItNzUwYTBiNTYxNjYwIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIzMDB4MjUwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoicmV1cmwuY2MiLCJ0ZF9wYXRoIjoiL2dhT1dMcCIsInRkX3JlZmVycmVyIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiI0ZjE1YTQ5MC1lNGVhLTRhYzgtYTg0Mi03NTBhMGI1NjE2NjAiLCJjYXRlZ29yeSI6IiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1702635623916
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
other
inrecsys.popin.cc/PopinService/Logs/ Frame 7B67 		0
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI0ZjE1YTQ5MC1lNGVhLTRhYzgtYTg0Mi03NTBhMGI1NjE2NjAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjMwMHgyNTAiLCJ0ZF90aXRsZSI6IiIsInRkX3VybCI6Imh0dHBzOi8vcmV1cmwuY2MvZ2FPV0xwIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJyZXVybC5jYyIsInRkX3BhdGgiOiIvZ2FPV0xwIiwidGRfcmVmZXJyZXIiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsInRkX2lwIjoiMTk4LjEzLjM1Ljc3IiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEyMC4wLjYwOTkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwia2V5Ijoia2V5MTcwMjYzNTYyMzYzNyIsIm5vdyI6MTcwMjYzNTYyMzkxNiwiY2xpZW50X2lkIjoiNGYxNWE0OTAtZTRlYS00YWM4LWE4NDItNzUwYTBiNTYxNjYwIiwidXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJ1aWQiOiIxMmRkMTZjOWUyZGQ1NTQxNWI5MTcwMjYwMzIyMzYzNiIsInNtaklkIjoiIiwiZGV2aWNlIjoicGMiLCJkaXNoX21lZGlhIjoicmV1cmwuY2MiLCJkaXNoX2NhdGVnb3J5IjoiIiwiZGlzaF9kb21haW4iOiJyZXVybC5jYyIsInZfZGlzaF9sYWJlbHMiOiIiLCJ2X2Rpc2hfdGxhYmVscyI6IiIsImxvZ2lkIjoiMGVjMjNkNDItZDc3YS00OGI2LTg5MjAtOWY0OTc4ZDNkY2U4IiwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRvbWFpbiI6InJldXJsLmNjIiwicG9waW5fdmVyc2lvbiI6Nn0=
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
119.63.197.136 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length
0
Cross-Origin-Resource-Policy
cross-origin
Content-Type
text/plain
s.gif
r.popin.cc/ Frame 7B67 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Freurl.cc%2FgaOWLp&uid=&type=pc_channel_pv&nid=pc&media=reurl.cc&r5=ch_banner-3x1&t=1702635623922&tz=tw
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
last-modified
Thu, 29 Aug 2019 01:24:26 GMT
server
nginx
etag
"5d67294a-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
discoverylogs
log.popin.cc/log/popin_media/ Frame 7B67 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJiYW5uZXItM3gxIiwiZXhwZWN0ZWRfYWQiOjMsInJlbmRlcmVkX2FkIjozLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InJldXJsLmNjIiwidXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJnZW9fY291bnRyeSI6InR3IiwibG9naWQiOiIwZWMyM2Q0Mi1kNzdhLTQ4YjYtODkyMC05ZjQ5NzhkM2RjZTgiLCJ1aWQiOiIxMmRkMTZjOWUyZGQ1NTQxNWI5MTcwMjYwMzIyMzYzNiIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjRmMTVhNDkwLWU0ZWEtNGFjOC1hODQyLTc1MGEwYjU2MTY2MCIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMzAweDI1MCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMTA5IFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IldpbjMyIiwidGRfaG9zdCI6InJldXJsLmNjIiwidGRfcGF0aCI6Ii9nYU9XTHAiLCJ0ZF9yZWZlcnJlciI6Imh0dHBzOi8vcmV1cmwuY2MvZ2FPV0xwIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEyMC4wLjYwOTkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiNGYxNWE0OTAtZTRlYS00YWM4LWE4NDItNzUwYTBiNTYxNjYwIiwiY2F0ZWdvcnkiOiIiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1702635623922
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
log.gif
r.popin.cc/ Frame 7B67 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/log.gif?type=related-tw&uid=12dd16c9e2dd55415b91702603223636&url=https%3A%2F%2Freurl.cc%2FgaOWLp&t=1702635623922
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
last-modified
Thu, 29 Aug 2019 01:24:26 GMT
server
nginx
etag
"5d67294a-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
s.gif
r.popin.cc/ Frame 7B67 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Freurl.cc%2FgaOWLp&uid=12dd16c9e2dd55415b91702603223636&type=pc_imp&nid=&media=reurl.cc&r5=cc_NONE&t=1702635623974&tz=tw
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
last-modified
Thu, 29 Aug 2019 01:24:26 GMT
server
nginx
etag
"5d67294a-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
discoverylogs
log.popin.cc/log/popin_media/ Frame 7B67 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjQsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoicmV1cmwuY2MiLCJ1cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsImdlb19jb3VudHJ5IjoidHciLCJsb2dpZCI6IjBlYzIzZDQyLWQ3N2EtNDhiNi04OTIwLTlmNDk3OGQzZGNlOCIsInVpZCI6IjEyZGQxNmM5ZTJkZDU1NDE1YjkxNzAyNjAzMjIzNjM2IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiNGYxNWE0OTAtZTRlYS00YWM4LWE4NDItNzUwYTBiNTYxNjYwIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIzMDB4MjUwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoicmV1cmwuY2MiLCJ0ZF9wYXRoIjoiL2dhT1dMcCIsInRkX3JlZmVycmVyIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiI0ZjE1YTQ5MC1lNGVhLTRhYzgtYTg0Mi03NTBhMGI1NjE2NjAiLCJjYXRlZ29yeSI6IiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1702635623975
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
discoverylogs
log.popin.cc/log/popin_media/ Frame 7B67 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo2LCJjaGFubmVsX2lkIjoiYmFubmVyLTN4MSIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoicmV1cmwuY2MiLCJ1cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsImdlb19jb3VudHJ5IjoidHciLCJsb2dpZCI6IjBlYzIzZDQyLWQ3N2EtNDhiNi04OTIwLTlmNDk3OGQzZGNlOCIsInVpZCI6IjEyZGQxNmM5ZTJkZDU1NDE1YjkxNzAyNjAzMjIzNjM2IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiNGYxNWE0OTAtZTRlYS00YWM4LWE4NDItNzUwYTBiNTYxNjYwIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIzMDB4MjUwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoicmV1cmwuY2MiLCJ0ZF9wYXRoIjoiL2dhT1dMcCIsInRkX3JlZmVycmVyIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiI0ZjE1YTQ5MC1lNGVhLTRhYzgtYTg0Mi03NTBhMGI1NjE2NjAiLCJjYXRlZ29yeSI6IiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1702635623975
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
s.gif
r.popin.cc/ Frame 7B67 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Freurl.cc%2FgaOWLp&uid=&type=pc_channel_imp&nid=&media=reurl.cc&r5=ch_banner-3x1&t=1702635623975&tz=tw
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
last-modified
Thu, 29 Aug 2019 01:24:26 GMT
server
nginx
etag
"5d67294a-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
s.gif
r.popin.cc/ Frame 7B67 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Freurl.cc%2FgaOWLp&uid=12dd16c9e2dd55415b91702603223636&type=pc_inview&nid=pc&media=reurl.cc&r5=cc_NONE&t=1702635623975&tz=tw
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
last-modified
Thu, 29 Aug 2019 01:24:26 GMT
server
nginx
etag
"5d67294a-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
discoverylogs
log.popin.cc/log/popin_media/ Frame 7B67 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjMsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoicmV1cmwuY2MiLCJ1cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsImdlb19jb3VudHJ5IjoidHciLCJsb2dpZCI6IjBlYzIzZDQyLWQ3N2EtNDhiNi04OTIwLTlmNDk3OGQzZGNlOCIsInVpZCI6IjEyZGQxNmM5ZTJkZDU1NDE1YjkxNzAyNjAzMjIzNjM2IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiNGYxNWE0OTAtZTRlYS00YWM4LWE4NDItNzUwYTBiNTYxNjYwIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIzMDB4MjUwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoicmV1cmwuY2MiLCJ0ZF9wYXRoIjoiL2dhT1dMcCIsInRkX3JlZmVycmVyIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiI0ZjE1YTQ5MC1lNGVhLTRhYzgtYTg0Mi03NTBhMGI1NjE2NjAiLCJjYXRlZ29yeSI6IiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1702635623975
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
discoverylogs
log.popin.cc/log/popin_media/ Frame 7B67 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjUsImNoYW5uZWxfaWQiOiJiYW5uZXItM3gxIiwiYm94X3Bvc2l0aW9uIjoiaWZyYW1lIiwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJyZXVybC5jYyIsInVybCI6Imh0dHBzOi8vcmV1cmwuY2MvZ2FPV0xwIiwiZ2VvX2NvdW50cnkiOiJ0dyIsImxvZ2lkIjoiMGVjMjNkNDItZDc3YS00OGI2LTg5MjAtOWY0OTc4ZDNkY2U4IiwidWlkIjoiMTJkZDE2YzllMmRkNTU0MTViOTE3MDI2MDMyMjM2MzYiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI0ZjE1YTQ5MC1lNGVhLTRhYzgtYTg0Mi03NTBhMGI1NjE2NjAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjMwMHgyNTAiLCJ0ZF90aXRsZSI6IiIsInRkX3VybCI6Imh0dHBzOi8vcmV1cmwuY2MvZ2FPV0xwIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJyZXVybC5jYyIsInRkX3BhdGgiOiIvZ2FPV0xwIiwidGRfcmVmZXJyZXIiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMjAuMC42MDk5IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6IjRmMTVhNDkwLWU0ZWEtNGFjOC1hODQyLTc1MGEwYjU2MTY2MCIsImNhdGVnb3J5IjoiIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1702635623975
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
s.gif
r.popin.cc/ Frame 7B67 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Freurl.cc%2FgaOWLp&uid=&type=pc_channel_inview&nid=pc&media=reurl.cc&r5=ch_banner-3x1&t=1702635623975&tz=tw
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
last-modified
Thu, 29 Aug 2019 01:24:26 GMT
server
nginx
etag
"5d67294a-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
adview
securepubads.g.doubleclick.net/pagead/ Frame D8CA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CtXFqZyh8ZZWPAoDks8IP4aSe0Aark_HgdLmwk8DeEfvSw7m6NxABINLMgRpgifPFhPQToAG_zbvmKMgBCakC0TuM9MREPj7gAgCoAwHIAwqqBK4CT9BkhKLZccyzt_KzgluoevxQQgrq7SIH_CyAYPCw_fKTPqg7jtSNsRyyYZ_VzQSwGWt1ntIXLqdGaHTbEWggisUbuwqBsv2vPA_cJgBuG2AB6Qkjo-U1klbm3dyAIMfculk2mEArp3Zju7qi2mgID7cGs6Uq_5DJ8705UaXqaTC4fgp-Si7X9p4X35Gv3Ivj-SgkIuC0ZxVveVZL_FKGtqnCVNtGywulYLX270yezsc_bslkPgZbQdRTSMcwxBK5BJyLxg8byCRIPQj6al93vohzvQz2T32Ma-BqD4oZuDLI7nXRoAer6oV6WwpizmTDtfyECZVQFxZ2Js02BTozpGDe-cnVgJ9l55MHE4VGo4icAfdXHbaU9V41tEDnnhPxuQ5uRxTZzAmW-uTVO47ABPfF-P2nBOAEAYgF6s3w5keSBQQIBBgBkgUECAUYBKAGLoAHv4WMxgOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBC-5ALSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WJfl9vubkYMDmgllaHR0cHM6Ly93d3cubWRzb2wuY28uanAvbHAvc2FrZWNsb3VkLz91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NhbXBhaWduPXNha2VjbG91ZF9nbHSACgPICwGiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQLaDBAKChDA0ue3nYzZtxgSAgED4g0TCKGi9_ubkYMDFQDyTAIdYZIHargT5APYEw2IFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=U4kMiOmW4jg&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_iWnd5UfzUtVzjtx9j-h0ejP4P0_kv8Fq_QqEsLptBfkQspQ0v0w-zESZNrhruSAq62yNjY2Du2PXjDbYzZv8Fx0GGda0lqC2ryIYAQ&template_id=484&cbvp=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s29-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 0776 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cao6xZyh8ZZePAoDks8IP4aSe0Aag2JzHdL2f5qyGEven26-RQRABINLMgRpgifPFhPQToAG3noHGKcgBAqkC0TuM9MREPj7gAgCoAwHIAwiqBLUCT9B9v6fd2WpFilO9bWw6lg_scoWhVFSz-sibKWovZSfgdP9LATLvoa9kElOLDHtqhPsNvAzsEB87ox0TiubQlA26P-zPiwALQWa937p3Ae6cdK9Z8SYqail-9TTU_igsKsRhLdx1N675Nnn8vNXc3YABRIPBL3jkoi0DH79Ykc_AI_j4JOT2lPGSE5_vm3gY8gPt-vanWORMloi2UEeBZVWoDNnq0TT_uDo6eFIp7QHiOuUaAtMO7IiDmA-86TDtTpu6j6RJwZ3iwBB1bd1rBoG6C_GvBjb-l4o-KFMPGzwFM6-g23qUSwAGFEPNHRSjDfl79pGJjwERBPScOMvhpz-DmUO5f7cCy8XQ1QYz9BmmhFg2bZz3UmhOGLJS5uGa6HlDUlL0I5-8HnclAtKiYp5pHhxiwASNtNqxwATgBAGIBfHSoopNkgUECAQYAZIFBAgFGASgBgKAB7fW0aUEqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQnJQI0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOliX5fb7m5GDA5oJqQFodHRwOi8vb25kYW5rYXRhaXNha3UuZW52LmdvLmpwL2RlY29rYXRzdS9lY28tbGlmZS9pbnN1bGF0aW9uLz91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NhbXBhaWduPWluc3VsYXRpb25fMSZ1dG1fY29udGVudD0wNjUyMDJfMjUweDI1MF8yMzEyMTExOTI5MzIuanBngAoDyAsBogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7EC2gwQCgoQgK7P5OfFj7ZiEgIBA-INEwijovf7m5GDAxUA8kwCHWGSB2rYEw3QFQGAFwGyFx4KHAgAEhRwdWItNDEyNjU1NDc3OTM5Mzk4NhjizBk&sigh=s9ep5yAnylg&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_iWnd5UfzUtVzjtx9j-h0ejP4P0_kv8Fq_QqEsLptBfkQspQ0v0w-zESZNrhruSAq62yNjY2Du2PXjDbYzZv8Fx0GGda0lqC2ryIYAQ&cbvp=2
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s29-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
fbevents.js
connect.facebook.net/en_US/ Frame 55CD 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-nrt1.fbcdn.net
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 15 Dec 2023 10:20:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
h4ewhJolbDHvpyV0VjADk8AkmXtaeLKLyxf0MZMZ2WX/xOcAiyabVK8TMHKiptfd1BZYuaGlzkONoahFNybAxQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
unitrack.js
ecs.tagtoo.co/js/ Frame 7B67 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecs.tagtoo.co/js/unitrack.js
Requested by
Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/3134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.218.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2eab2b7adfd71b5cf3fe3747f993d26520691d544bb7fc4338dc049b4f0d1c2c

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 09:14:42 GMT
content-encoding
gzip
age
3941
x-guploader-uploadid
ABPtcPqUStO9TfTsmGr2oI7gxXtd3QyESmdD_IukPyUCgAdU3e1106nNtAX5kk5I6Aujhb6aMsP4GBfLkt7lRKKKsHRDeQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8725
last-modified
Wed, 17 May 2023 07:38:52 GMT
server
UploadServer
etag
"ccd513edbe3eb66c17d73c94d6462526"
vary
Accept-Encoding
x-goog-generation
1684309132134575
x-goog-hash
crc32c=Uh9iNA==, md5=zNUT7b4+tmwX1zyU1kYlJg==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
cache-control
public,max-age=5400
x-goog-stored-content-length
8725
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
expires
Fri, 15 Dec 2023 10:44:42 GMT
be007d36dedab4f1b314a68354bc9327.png
imageaws.popin.cc/ML/ Frame 7B67 		556 KB
556 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageaws.popin.cc/ML/be007d36dedab4f1b314a68354bc9327.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
d4d6346b18fd7d68cb2133e761085b56df8cd8b7af6b8a32393f5ab9a9f71700

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 10:20:24 GMT
x-amz-version-id
T9MvP1ymggoOS6HElMHPQRxIATkl3JVB
Cross-Origin-Embedder-Policy
require-corp
x-amz-server-side-encryption
AES256
X-Cache-Status
HIT from 10.252.43.46
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
568865
Last-Modified
Thu, 16 Nov 2023 08:23:20 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
ETag
"be007d36dedab4f1b314a68354bc9327"
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Expires
Sat, 14 Dec 2024 10:20:24 GMT
0c6b58b883f3143d39e13913025ce47f.png
imageaws.popin.cc/ML/ Frame 7B67 		99 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageaws.popin.cc/ML/0c6b58b883f3143d39e13913025ce47f.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
c673bfbbeb6fe323b05cebc869e3355c33a8cac53069ae61aa6a940265e4b84a

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 10:20:24 GMT
x-amz-version-id
T5fd0gkjLTdqX5ly4k_e..SB3ws.i.7L
Cross-Origin-Embedder-Policy
require-corp
x-amz-server-side-encryption
AES256
X-Cache-Status
HIT from 10.252.43.46
x-amz-replication-status
REPLICA
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
101671
Last-Modified
Tue, 05 Dec 2023 13:22:45 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
ETag
"0c6b58b883f3143d39e13913025ce47f"
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Expires
Sat, 14 Dec 2024 10:20:24 GMT
335d9c65b4f49b79b557ab1be5f4b724.png
imageaws.popin.cc/ML/ Frame 7B67 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageaws.popin.cc/ML/335d9c65b4f49b79b557ab1be5f4b724.png
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
f0761a75d725daf4c2704c79695201236d4ccbe4d39a26c039300275b28a3ccf

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 15 Dec 2023 10:20:24 GMT
x-amz-version-id
zLzy6W.e.HD3Rp11A8qjwdYjDsqOJY8P
Cross-Origin-Embedder-Policy
require-corp
x-amz-server-side-encryption
AES256
X-Cache-Status
HIT from 10.252.43.27
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
27199
Last-Modified
Wed, 21 Jun 2023 02:22:34 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
ETag
"335d9c65b4f49b79b557ab1be5f4b724"
Content-Type
image/png
Cache-Control
max-age=31536000
Accept-Ranges
bytes
Expires
Sat, 14 Dec 2024 10:20:24 GMT
/
t.ssp.hinet.net/ Frame 55CD 		37 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
691c942937cc7b012a40cbf9b4952136c4494bd1c1655d8ea1b88eb1fc765095
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:23 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
view
securepubads.g.doubleclick.net/pcs/ Frame 7B67 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstElMTe55rJ-FY9weCe4wkd6lVqGnT7YSGY9RlBgBNOZHPYlWMrHF9a_bcShQWKuX1TYzLGjk2cm5AOlmDu8X0zITQwxUm2pPGF-FoAj9jnQk3cd6zDRM6SwLWv4ne6cNzEKxdYEx8gsXwsRoEagkZUI8rJZlQtgvnrNiDlqyUUnJ-qFBe4N9QNfomIfNDr97SKlieUkEwfYAK6S6i5kSqkBBIZJFsu9UzIzACR4paYHdoUMBH9I8fim1cDZOktaEle4Kmup697PeEqCHcktogmnt5VDAnBlroFPiUt2SJBDlrfmCwLqPSSlFJO5HNbh2BxTzyop_CEXFjgKGw9Ux1rTQ85L9FaFZug7YgTE3Ul327fYy1YOjITFnjrhrvnc3-SxIkfasKS3g&sai=AMfl-YRneX8eKkuxMzAulxWYL3w4aX5O0ZH6T29DPytN5uIWZpSB9kxPPky4dt2XbCbWVEB373l-nX3QefmWbOHgid2N6ihjYmsGilXZsgDMwdPM841HTpkSJ1PVte0sgEaO1hTgEUX_ze8SPKAj4LPfJQzH&sig=Cg0ArKJSzEpR2zErUGObEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s29-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 15 Dec 2023 10:20:24 GMT
float.js
s.trvdp.com/scripts/v5.832/ 		469 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.trvdp.com/scripts/v5.832/float.js
Requested by
Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-31.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 09 Dec 2023 12:39:55 GMT
content-encoding
gzip
via
1.1 0962027405631ad0b2b25cd64e62ca38.cloudfront.net (CloudFront)
last-modified
Sun, 15 Oct 2023 15:13:28 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-C2
age
510029
etag
W/"ae8e71eddcd185d49d5b9a8ef8a2ef6a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
lcRFrGsOpPoMgrsPAWQ-qY5bI82CLUK8WCmKwfYCpQ2lcbOxOeKhaw==
cors
rt.ad-score.com/score/ 		52 B
595 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=reurl.cc&l1=7942&l2=reurl.cc&l3=JP&l4=desktop&l5=5.832&cb=0.967588208517492
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
35.208.216.174 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
174.216.208.35.bc.googleusercontent.com
Software
/
Resource Hash
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 15 Dec 2023 10:20:24 GMT
Age
0
Access-Control-Allow-Methods
GET,POST
P3p
CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin
https://reurl.cc
Content-Type
text/plain; charset=utf-8
Cache-Control
post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
52
cm
t.ssp.hinet.net/ Frame 55CD 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=cf&cid=undefined&mp=76f1acc1-3ed2-4845-8260-e01daf697ff4
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:24 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://cdn.holmesmind.com
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
76f1acc1-3ed2-4845-8260-e01daf697ff4.t.ssp.hinet.net/ Frame 55CD 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://76f1acc1-3ed2-4845-8260-e01daf697ff4.t.ssp.hinet.net/pixel?bd=76f1acc1-3ed2-4845-8260-e01daf697ff4&t=cf&referrer=https%3A%2F%2Freurl.cc
Requested by
Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
ja-JP
Referer
https://cdn.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:24 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame 8524 		42 B
404 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstSm8meRpwDKzX1pA2ud3pHkCSxZuV-mzgSembu-7J4S_9wxNs0wLy9hlB4YyYmAHe5gkoWGD-McxmyEYsF7Yv1TGT6OGO6DVhxag8nRP96NYOD-oIqS_YvxYiBbqKtvCMaEM-Hp1Y8ZnSop8IOJ_cKD3AK&sig=Cg0ArKJSzBc-McaJqjImEAE&id=lidar2&mcvt=1000&p=1180,1599,1181,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=1.06&vu=1&app=0&itpl=19&adk=3261691140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702635623383&rpt=374&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s19-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 10:20:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prtct.php
stg.truvidplayer.com/v5.832/ Frame 758D 		0
329 B 		Document
General
Check archive.org
Download Go to
Full URL
https://stg.truvidplayer.com/v5.832/prtct.php?val=f&geo=JP&timestamp=1702635625&level=0
Requested by
Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.86.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-86-119.nrt12.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 15 Dec 2023 10:20:24 GMT
server
nginx
via
1.1 3230a3d42078a094780d1894002fcfd4.cloudfront.net (CloudFront)
x-amz-cf-id
kSFTnN9l_gT8wXj-n78ZXPefO6h-CsdE4VKeXmRXB85SdxE1CHiCGA==
x-amz-cf-pop
NRT12-C2
x-cache
Miss from cloudfront
activeview
pagead2.googlesyndication.com/pcs/ Frame D8CA 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszumUQaso7Tok72Jf5H8l3AI4deHCRwxm4Sx6GZiUuVmYjlpwDdRt3Yha0BcTc65TiW_PXcGnrasT5RtUw1DC4-Lgwl6RPL6YvUZgdqfW4ukaX78ZPQSUtzE1k6fBDz2vALxUZkOcz70e4tCciX95gSel2&sai=AMfl-YSnc6brPdgLNwD4ElI9jRMxrRD1TVLJ9jnlwvlug0p5xid5nn4FpyF1DxP6r-mr1jxyEoVxKEQ3dGNBD9ojOP4gcfwY1FM3_Tt7RSIRTwf_XqF2zHzgqanNfp59E1B9TGOY7YpNAUejHglVdzxO_g&sig=Cg0ArKJSzKA05zsPWJJwEAE&cid=CAQSTwAvHhf_iWnd5UfzUtVzjtx9j-h0ejP4P0_kv8Fq_QqEsLptBfkQspQ0v0w-zESZNrhruSAq62yNjY2Du2PXjDbYzZv8Fx0GGda0lqC2ryIYAQ&id=ampim&o=315,455&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=472&tls=1472&g=100&h=100&tt=1472&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s19-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 10:20:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0776 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss675QP8-vPHBlBrzdiRS6Z-8TIztyDZKkLNKfvAzC4WJGZunsaQp2EQkZ4knocwm3BJfLPLBZGjej4To3gY3cmEF6cAvFa0uq6bQV4mGrfpz8ZcczBi9ea6RYz-TA-856HllqHq1vF5RmjUzUgK-ublOOiYsguVRMP7Egrj-Sat8CdmAq_hWs&sai=AMfl-YSsyJi64eLdX0JtDLd2W5ZepO8fo90t5aIUniA4jSEwlpavr6JM3BuIvPsigzSK5ozI0VsxL-U0XZyAQqLQuGtq6uKf8dTr3nsRTo1DBchIPNzeGD0m-BptS5-04QzArgOc5BggKXUpJeobsJ4seg&sig=Cg0ArKJSzNXlNqSngifnEAE&cid=CAQSTwAvHhf_iWnd5UfzUtVzjtx9j-h0ejP4P0_kv8Fq_QqEsLptBfkQspQ0v0w-zESZNrhruSAq62yNjY2Du2PXjDbYzZv8Fx0GGda0lqC2ryIYAQ&id=ampim&o=270,108&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1003&mtos=0,0,1003,1003,1003&tos=0,0,1003,0,0&tfs=436&tls=1439&g=100&h=100&tt=1439&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s19-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 10:20:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adlogs
in.treasuredata.com/js/v3/event/popin_ads/ Frame 7B67 		89 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1702635624977&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoiaW1wIiwidGltZV9zaG93X3NlY29uZHMiOjEsIm5pZCI6IjE1NDk5NTYwMyIsImNhbXBhaWduIjoiMjE2MzU1MiIsInRpbWVzdGFtcCI6MTcwMjYzNTYyNDk3NiwicmVjb21tZW5kX3Bvc2l0aW9uIjoxLCJhZF9wb3NpdGlvbiI6MSwiY2hhbm5lbF9pZCI6ImJhbm5lci0zeDEiLCJzY29yZSI6MC4wMDEyMzA0MTIxNzIwMzQ2NDAyLCJ2X2Rpc2hfbGFiZWxzIjoiIiwidl9kaXNoX3RsYWJlbHMiOiIiLCJ1bml0X3dpZHRoIjoyOTAsInVuaXRfaGVpZ2h0Ijo3MywiaW1hZ2Vfd2lkdGgiOjEyMCwiaW1hZ2VfaGVpZ2h0Ijo3MywiYzIiOjAuMDAwNzI4ODEzMjkxMDYxNjY5NiwiYzMiOjAuMDEyNTI0NjY0NDAyMDA4MDU3LCJ0aXRsZSI6IuaJi%2Bapn%2BS4jemboui6q%2B%2B8jOecvOiii%2Ba3mua6neW5tOi8leWMlu%2B8n%2BmaseeXleecvOiii%2BaYjuecuOihk%2BelnuaVkeaPtO%2B8gSIsInNhbXBsZSI6IiIsInZfZnJ1aXRfd29yZCI6IiIsImltYWdlX2hhc2giOiIiLCJjbGFzc2lmeSI6IiIsImltYWdlIjoiaHR0cHM6Ly9pbWFnZWF3cy5wb3Bpbi5jYy9NTC9iZTAwN2QzNmRlZGFiNGYxYjMxNGE2ODM1NGJjOTMyNy5wbmciLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJyZXVybC5jYyIsInVybCI6Imh0dHBzOi8vcmV1cmwuY2MvZ2FPV0xwIiwiZ2VvX2NvdW50cnkiOiJ0dyIsImxvZ2lkIjoiMGVjMjNkNDItZDc3YS00OGI2LTg5MjAtOWY0OTc4ZDNkY2U4IiwidWlkIjoiMTJkZDE2YzllMmRkNTU0MTViOTE3MDI2MDMyMjM2MzYiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI0ZjE1YTQ5MC1lNGVhLTRhYzgtYTg0Mi03NTBhMGI1NjE2NjAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjMwMHgyNTAiLCJ0ZF90aXRsZSI6IiIsInRkX3VybCI6Imh0dHBzOi8vcmV1cmwuY2MvZ2FPV0xwIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJyZXVybC5jYyIsInRkX3BhdGgiOiIvZ2FPV0xwIiwidGRfcmVmZXJyZXIiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiIsImNsaWVudF9pZCI6IjRmMTVhNDkwLWU0ZWEtNGFjOC1hODQyLTc1MGEwYjU2MTY2MCIsImNhdGVnb3J5IjoiIiwiZXh0cmEiOiIiLCJmcnVpdF9zdHlsZSI6IjQiLCJib3hfc3R5bGUiOiI0IiwicmVmZXJyZXJfcmVjb21tZW5kX3R5cGUiOiIiLCJkbWYiOiJtIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ%3D%3D&callback=TreasureJSONPCallback1
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
57.181.98.169 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-181-98-169.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

P3P
CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date
Fri, 15 Dec 2023 10:20:24 GMT
Strict-Transport-Security
max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
89
Content-Type
application/javascript
ic
trace.popin.cc/ju/ Frame 7B67 		0
192 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trace.popin.cc/ju/ic?tn=6e22bb022cd37340eb88f5c2f2512e40&trackingid=898664461be2b33b8d313841694d45fd&acid=26064&data=uVUOdfHMIiHeqFLaEXKEjH5s6rjXDb-O6_tSWE6BlM1JGMzIOCMwgvX2AlZDUO1-t_HP_sE9MTvaiWFbrVAxvL6L5Eye9jycT-TPdhkJezNyzW2C8RGkZms8I9LWwpDm0YA116vRlYMR-KcgqjPNtDckgZyK34Qni5WBKJGLbJ9uOeJiJVxD9S28IhINrQ50EWG0wT3qS5mML9p62JhNw21RNmISOHeV8NMV19FCeN_V0iQOOKc2_pKdleaZHmA0vWWp3QfQVMcMJhe9gXd9LZAyE7zhnPIXkn_DnNXwf6ztpB3xxD6YWjpZZ0EF0JhDVHRKVxSbkr1_8LCK6KX3ZQ-EQ2DfHcAQVEbzJfoYMAJI6lafxp7IQ-6xLUm5VxNHNJPk7obwceWLgejaKsQhSnr6ivXFPsDuJs7RpFobX396T7lSFxFwRJ-nDHYhRws-SOPnU8HyzI_k5-g875Aa-BahjuhBlxHDXeycBSseDJsJNmEAqRHJVHpuaX_Ajx9Ge9c-jvQf4I0ROIpo-3sCifkIsi4s6VSvapHOMXvtYsGNxVBNtjxKTYhk_mvQRirkPuH13KMX6QZM73hctrWSvLmekttcOmHIhbJ6PeiyWlvkCmFw7-iO21KqHVacPyQGSu4lk5Vo6DmYCvaWSDyUb9F3qJr1Vg4jrUEIDLT9Tdr0taXT9Nui-jddPdwrM-JjrCRzDRuio2rRNR4p3nsVugmTvNJV7eik3iz3yYFtkaw&uid=12dd16c9e2dd55415b91702603223636&mguid=&uu=12dd16c9e2dd55415b91702603223636&tst=1702635623917&ppvs=6&tss=5&aps=1&rp=1&fs=4&bs=4&caid=banner-3x1
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.213.89.133 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
133.89.213.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
s.gif
r.popin.cc/ Frame 7B67 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Freurl.cc%2FgaOWLp&uid=12dd16c9e2dd55415b91702603223636&type=pc_imp&nid=154995603&campaign=2163552&media=reurl.cc&r5=cc_NONE&r6=undefined&dmf=m&t=1702635624975&tz=tw
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:24 GMT
last-modified
Thu, 29 Aug 2019 01:24:26 GMT
server
nginx
etag
"5d67294a-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
adlogs
log.popin.cc/log/popin_ads/ Frame 7B67 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoiaW1wIiwidGltZV9zaG93X3NlY29uZHMiOjEsIm5pZCI6IjE1NDk5NTYwMyIsImNhbXBhaWduIjoiMjE2MzU1MiIsInRpbWVzdGFtcCI6MTcwMjYzNTYyNDk3NiwicmVjb21tZW5kX3Bvc2l0aW9uIjoxLCJhZF9wb3NpdGlvbiI6MSwiY2hhbm5lbF9pZCI6ImJhbm5lci0zeDEiLCJzY29yZSI6MC4wMDEyMzA0MTIxNzIwMzQ2NDAyLCJ2X2Rpc2hfbGFiZWxzIjoiIiwidl9kaXNoX3RsYWJlbHMiOiIiLCJ1bml0X3dpZHRoIjoyOTAsInVuaXRfaGVpZ2h0Ijo3MywiaW1hZ2Vfd2lkdGgiOjEyMCwiaW1hZ2VfaGVpZ2h0Ijo3MywiYzIiOjAuMDAwNzI4ODEzMjkxMDYxNjY5NiwiYzMiOjAuMDEyNTI0NjY0NDAyMDA4MDU3LCJ0aXRsZSI6IuaJi+apn+S4jemboui6q++8jOecvOiii+a3mua6neW5tOi8leWMlu+8n+maseeXleecvOiii+aYjuecuOihk+elnuaVkeaPtO+8gSIsInNhbXBsZSI6IiIsInZfZnJ1aXRfd29yZCI6IiIsImltYWdlX2hhc2giOiIiLCJjbGFzc2lmeSI6IiIsImltYWdlIjoiaHR0cHM6Ly9pbWFnZWF3cy5wb3Bpbi5jYy9NTC9iZTAwN2QzNmRlZGFiNGYxYjMxNGE2ODM1NGJjOTMyNy5wbmciLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJyZXVybC5jYyIsInVybCI6Imh0dHBzOi8vcmV1cmwuY2MvZ2FPV0xwIiwiZ2VvX2NvdW50cnkiOiJ0dyIsImxvZ2lkIjoiMGVjMjNkNDItZDc3YS00OGI2LTg5MjAtOWY0OTc4ZDNkY2U4IiwidWlkIjoiMTJkZDE2YzllMmRkNTU0MTViOTE3MDI2MDMyMjM2MzYiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI0ZjE1YTQ5MC1lNGVhLTRhYzgtYTg0Mi03NTBhMGI1NjE2NjAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjMwMHgyNTAiLCJ0ZF90aXRsZSI6IiIsInRkX3VybCI6Imh0dHBzOi8vcmV1cmwuY2MvZ2FPV0xwIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJyZXVybC5jYyIsInRkX3BhdGgiOiIvZ2FPV0xwIiwidGRfcmVmZXJyZXIiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMjAuMC42MDk5IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6IjRmMTVhNDkwLWU0ZWEtNGFjOC1hODQyLTc1MGEwYjU2MTY2MCIsImNhdGVnb3J5IjoiIiwiZXh0cmEiOiIiLCJmcnVpdF9zdHlsZSI6IjQiLCJib3hfc3R5bGUiOiI0IiwicmVmZXJyZXJfcmVjb21tZW5kX3R5cGUiOiIiLCJkbWYiOiJtIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1702635624978
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:24 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
adlogs
in.treasuredata.com/js/v3/event/popin_ads/ Frame 7B67 		89 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1702635624981&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoiaW1wIiwidGltZV9zaG93X3NlY29uZHMiOjEsIm5pZCI6IjE2MTUzNDY0NyIsImNhbXBhaWduIjoiMjIyMjg2MyIsInRpbWVzdGFtcCI6MTcwMjYzNTYyNDk3OSwicmVjb21tZW5kX3Bvc2l0aW9uIjoyLCJhZF9wb3NpdGlvbiI6MiwiY2hhbm5lbF9pZCI6ImJhbm5lci0zeDEiLCJzY29yZSI6MC4wMDExNDA2NzAwNzYxODA2MjI5LCJ2X2Rpc2hfbGFiZWxzIjoiIiwidl9kaXNoX3RsYWJlbHMiOiIiLCJ1bml0X3dpZHRoIjoyOTAsInVuaXRfaGVpZ2h0Ijo3MywiaW1hZ2Vfd2lkdGgiOjEyMCwiaW1hZ2VfaGVpZ2h0Ijo3MywiYzIiOjAuMDAwNTg5MzAzNzMwNTIxMzUxMSwidGl0bGUiOiLlj6ropoHmnInlv4PvvIzmrbLmnIjlj6%2Fku6XkuI3nlZnnl5Xot6Hhg6bnvo7ps7Plp5DlpZQ3MO%2B8jOmAhum9oeacieaWueazlSIsInNhbXBsZSI6IiIsInZfZnJ1aXRfd29yZCI6IiIsImltYWdlX2hhc2giOiIiLCJjbGFzc2lmeSI6IiIsImltYWdlIjoiaHR0cHM6Ly9pbWFnZWF3cy5wb3Bpbi5jYy9NTC8wYzZiNThiODgzZjMxNDNkMzllMTM5MTMwMjVjZTQ3Zi5wbmciLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJyZXVybC5jYyIsInVybCI6Imh0dHBzOi8vcmV1cmwuY2MvZ2FPV0xwIiwiZ2VvX2NvdW50cnkiOiJ0dyIsImxvZ2lkIjoiMGVjMjNkNDItZDc3YS00OGI2LTg5MjAtOWY0OTc4ZDNkY2U4IiwidWlkIjoiMTJkZDE2YzllMmRkNTU0MTViOTE3MDI2MDMyMjM2MzYiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI0ZjE1YTQ5MC1lNGVhLTRhYzgtYTg0Mi03NTBhMGI1NjE2NjAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjMwMHgyNTAiLCJ0ZF90aXRsZSI6IiIsInRkX3VybCI6Imh0dHBzOi8vcmV1cmwuY2MvZ2FPV0xwIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJyZXVybC5jYyIsInRkX3BhdGgiOiIvZ2FPV0xwIiwidGRfcmVmZXJyZXIiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiIsImNsaWVudF9pZCI6IjRmMTVhNDkwLWU0ZWEtNGFjOC1hODQyLTc1MGEwYjU2MTY2MCIsImNhdGVnb3J5IjoiIiwiZXh0cmEiOiIiLCJmcnVpdF9zdHlsZSI6IjQiLCJib3hfc3R5bGUiOiI0IiwicmVmZXJyZXJfcmVjb21tZW5kX3R5cGUiOiIiLCJkbWYiOiJtIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ%3D%3D&callback=TreasureJSONPCallback2
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
57.181.98.169 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-181-98-169.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
84e80159fc0f0e914229e9916e1c85cb59b2a6af77d53d6b528bf464ef9aeb3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

P3P
CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date
Fri, 15 Dec 2023 10:20:24 GMT
Strict-Transport-Security
max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
89
Content-Type
application/javascript
ic
trace.popin.cc/ju/ Frame 7B67 		0
119 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trace.popin.cc/ju/ic?tn=6e22bb022cd37340eb88f5c2f2512e40&trackingid=207fe47bd20e8689b37d2c40fe8e85d7&acid=26064&data=jS8OHyPZvVhMkBK84qh96RuBQlxEb_iUUC6hcdoov7v4GY8XgqDD8OpQgsBXpKoQWDqhctqGLNVlyG6USmNd-ZIo81R9b6ihP35HVF7bPo2lv_VDCWHlg6jzMJeuF-Fkref8z3273RcVw254X0cXnN0L7NJO9KEB7SkoDCaLpgQQ62frFX9TGAKceBRA6UsT3ds1vob4BtPNXge9cXkJpVqeIE0Z4kH8UdpbAQSr3Up1mKgOvygFbZajIpLSkIYtKWltJvxu2X-8XCsWxBDHEbf63YlFh5jRy1RLGnJI6y0e4JRAaWfrVbGhyW8HMFiGVbr1eIpqRqnCBuwLjMD3yQnuUMd2YQzZkDotsnKXPvLl_-fRFZwRIKlOCy-rAxizhDL4VddSjRUBJYjdVfdXpLIUvojrQLPisgfYEkvsoGDodkCy7vukEIcZSReBMFpqqZ9ox4dWGbogcEi-lyVtHlHVyWT_bKMVfTmeZg1B6Lxz0NT1BONNVC9e5xl0iUOEL1OovheYzvqASfCreDGAulVS1Vrd00zQz5HnDJkYMDbd8j_x7dOYtIFNVd0hoao_sHeytjVFscBbgESrslu3CT2uMqCVLdkYjZevZuyBupw&uid=12dd16c9e2dd55415b91702603223636&mguid=&uu=12dd16c9e2dd55415b91702603223636&tst=1702635623919&ppvs=6&tss=5&aps=2&rp=2&fs=4&bs=4&caid=banner-3x1
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.213.89.133 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
133.89.213.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
s.gif
r.popin.cc/ Frame 7B67 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Freurl.cc%2FgaOWLp&uid=12dd16c9e2dd55415b91702603223636&type=pc_imp&nid=161534647&campaign=2222863&media=reurl.cc&r5=cc_NONE&r6=undefined&dmf=m&t=1702635624979&tz=tw
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:24 GMT
last-modified
Thu, 29 Aug 2019 01:24:26 GMT
server
nginx
etag
"5d67294a-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
adlogs
log.popin.cc/log/popin_ads/ Frame 7B67 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoiaW1wIiwidGltZV9zaG93X3NlY29uZHMiOjEsIm5pZCI6IjE2MTUzNDY0NyIsImNhbXBhaWduIjoiMjIyMjg2MyIsInRpbWVzdGFtcCI6MTcwMjYzNTYyNDk3OSwicmVjb21tZW5kX3Bvc2l0aW9uIjoyLCJhZF9wb3NpdGlvbiI6MiwiY2hhbm5lbF9pZCI6ImJhbm5lci0zeDEiLCJzY29yZSI6MC4wMDExNDA2NzAwNzYxODA2MjI5LCJ2X2Rpc2hfbGFiZWxzIjoiIiwidl9kaXNoX3RsYWJlbHMiOiIiLCJ1bml0X3dpZHRoIjoyOTAsInVuaXRfaGVpZ2h0Ijo3MywiaW1hZ2Vfd2lkdGgiOjEyMCwiaW1hZ2VfaGVpZ2h0Ijo3MywiYzIiOjAuMDAwNTg5MzAzNzMwNTIxMzUxMSwidGl0bGUiOiLlj6ropoHmnInlv4PvvIzmrbLmnIjlj6/ku6XkuI3nlZnnl5Xot6Hhg6bnvo7ps7Plp5DlpZQ3MO+8jOmAhum9oeacieaWueazlSIsInNhbXBsZSI6IiIsInZfZnJ1aXRfd29yZCI6IiIsImltYWdlX2hhc2giOiIiLCJjbGFzc2lmeSI6IiIsImltYWdlIjoiaHR0cHM6Ly9pbWFnZWF3cy5wb3Bpbi5jYy9NTC8wYzZiNThiODgzZjMxNDNkMzllMTM5MTMwMjVjZTQ3Zi5wbmciLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJ0dy5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJyZXVybC5jYyIsInVybCI6Imh0dHBzOi8vcmV1cmwuY2MvZ2FPV0xwIiwiZ2VvX2NvdW50cnkiOiJ0dyIsImxvZ2lkIjoiMGVjMjNkNDItZDc3YS00OGI2LTg5MjAtOWY0OTc4ZDNkY2U4IiwidWlkIjoiMTJkZDE2YzllMmRkNTU0MTViOTE3MDI2MDMyMjM2MzYiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI0ZjE1YTQ5MC1lNGVhLTRhYzgtYTg0Mi03NTBhMGI1NjE2NjAiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjMwMHgyNTAiLCJ0ZF90aXRsZSI6IiIsInRkX3VybCI6Imh0dHBzOi8vcmV1cmwuY2MvZ2FPV0xwIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJyZXVybC5jYyIsInRkX3BhdGgiOiIvZ2FPV0xwIiwidGRfcmVmZXJyZXIiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMjAuMC42MDk5IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6IjRmMTVhNDkwLWU0ZWEtNGFjOC1hODQyLTc1MGEwYjU2MTY2MCIsImNhdGVnb3J5IjoiIiwiZXh0cmEiOiIiLCJmcnVpdF9zdHlsZSI6IjQiLCJib3hfc3R5bGUiOiI0IiwicmVmZXJyZXJfcmVjb21tZW5kX3R5cGUiOiIiLCJkbWYiOiJtIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1702635624982
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:24 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
adlogs
in.treasuredata.com/js/v3/event/popin_ads/ Frame 7B67 		89 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1702635624986&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoiaW1wIiwidGltZV9zaG93X3NlY29uZHMiOjEsIm5pZCI6IjEyNDk4MzUzNyIsImNhbXBhaWduIjoiMTkwNjIwMyIsInRpbWVzdGFtcCI6MTcwMjYzNTYyNDk4NCwicmVjb21tZW5kX3Bvc2l0aW9uIjozLCJhZF9wb3NpdGlvbiI6MywiY2hhbm5lbF9pZCI6ImJhbm5lci0zeDEiLCJzY29yZSI6MC4wMDExMjI3MDk0MTgwNjA1MDQxLCJ2X2Rpc2hfbGFiZWxzIjoiIiwidl9kaXNoX3RsYWJlbHMiOiIiLCJ1bml0X3dpZHRoIjoyOTAsInVuaXRfaGVpZ2h0Ijo3MywiaW1hZ2Vfd2lkdGgiOjEyMCwiaW1hZ2VfaGVpZ2h0Ijo3MywiYzIiOjAuMDAwNjM4MDIzMTkzNDU5OTU3OCwidGl0bGUiOiLpgYvli5XkuZ%2FnmKbkuI3kuobnmoTpg6jkvY3vvIwg5ZCN5qih6Iqx6Iqx5Lmf5oSb55qE44CO6Z%2Bz5rWqIOiEgumbleOAj%2B%2B8jOaJk%2BmAoOe%2Bjum6l%2BmrlOaFiyDlj4roh4npg6jovKrlu5PvvIEiLCJzYW1wbGUiOiIiLCJ2X2ZydWl0X3dvcmQiOiIiLCJpbWFnZV9oYXNoIjoiIiwiY2xhc3NpZnkiOiIiLCJpbWFnZSI6Imh0dHBzOi8vaW1hZ2Vhd3MucG9waW4uY2MvTUwvMzM1ZDljNjViNGY0OWI3OWI1NTdhYjFiZTVmNGI3MjQucG5nIiwic21qYWQiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoicmV1cmwuY2MiLCJ1cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsImdlb19jb3VudHJ5IjoidHciLCJsb2dpZCI6IjBlYzIzZDQyLWQ3N2EtNDhiNi04OTIwLTlmNDk3OGQzZGNlOCIsInVpZCI6IjEyZGQxNmM5ZTJkZDU1NDE1YjkxNzAyNjAzMjIzNjM2IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiNGYxNWE0OTAtZTRlYS00YWM4LWE4NDItNzUwYTBiNTYxNjYwIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIzMDB4MjUwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoicmV1cmwuY2MiLCJ0ZF9wYXRoIjoiL2dhT1dMcCIsInRkX3JlZmVycmVyIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJ0ZF9pcCI6InRkX2lwIiwidGRfYnJvd3NlciI6InRkX2Jyb3dzZXIiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiJ0ZF9icm93c2VyX3ZlcnNpb24iLCJ0ZF9vcyI6InRkX29zIiwidGRfb3NfdmVyc2lvbiI6InRkX29zX3ZlcnNpb24iLCJjbGllbnRfaWQiOiI0ZjE1YTQ5MC1lNGVhLTRhYzgtYTg0Mi03NTBhMGI1NjE2NjAiLCJjYXRlZ29yeSI6IiIsImV4dHJhIjoiIiwiZnJ1aXRfc3R5bGUiOiI0IiwiYm94X3N0eWxlIjoiNCIsInJlZmVycmVyX3JlY29tbWVuZF90eXBlIjoiIiwiZG1mIjoibSIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback3
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
57.181.98.169 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-57-181-98-169.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
b3a7346cae0525400bb6539496990f7de2ee33862cb6e38fd82f0e463d367e1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

P3P
CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date
Fri, 15 Dec 2023 10:20:24 GMT
Strict-Transport-Security
max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
89
Content-Type
application/javascript
ic
trace.popin.cc/ju/ Frame 7B67 		0
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://trace.popin.cc/ju/ic?tn=6e22bb022cd37340eb88f5c2f2512e40&trackingid=24ef8767f023448b147c2451eb38814f&acid=23505&data=0jRY8-SnId6yJ84CQHTTsXQ6Wdy5b-iNYOP-fcvTwYoCUHlsL8fFrIUp6qIFYCUFlXmYYjheKEn3qen-3976dhWkT5m4mLCt_6HNjDaiTXWoDE8TbwBFvEfAk-GM0Dqh0ClbgC3VYX3TxRNGtpnrGYZWDn5ipSG446NTrWkqGHKQptpK2uHIilePap-tRQfpZg040bGBdOTwWsGndq2F90pJEvnDzmc1dgtRgzQKd4MtzisKUgh-NDdfh_SoNKzrZRSYqMdYPwBwb4sUrrFWXLJ-jC97QGv1Q1orZeCjYQ6R7AvwUPJRG-1yhaEnlunOsUPqvX6_ms8QEfTsOwtt4dKdFuKUUmufKbTPoBzdH3ECOMjYllBy-DKiworkeffhNQfgcGHSDPVi_jeaq_YZZIIf7JpMuDn4duNLvfTC4gP8jsx82oPNwrrtdWxMKqriYsN9wiLJfmOpZjzZOPiQNfz1x0T_S6OnNedWM2XmJ7IgZcb9wUJkRGAExCARIIQgeZ_Vq1xIBtpF42_YcnQdEDj3kSbbaNsG9Svof_JzGk1vLVRdMeKz3qLKEM3tQapWNCKEVgxNDki0wI7kiEqlaRLlwqiGk5TvNKvit-eDzw8&uid=12dd16c9e2dd55415b91702603223636&mguid=&uu=12dd16c9e2dd55415b91702603223636&tst=1702635623920&ppvs=6&tss=5&aps=3&rp=3&fs=4&bs=4&caid=banner-3x1
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/cf_reurl_tw_gam.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.213.89.133 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
133.89.213.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
text/html; charset=utf-8
s.gif
r.popin.cc/ Frame 7B67 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Freurl.cc%2FgaOWLp&uid=12dd16c9e2dd55415b91702603223636&type=pc_imp&nid=124983537&campaign=1906203&media=reurl.cc&r5=cc_NONE&r6=undefined&dmf=m&t=1702635624984&tz=tw
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:24 GMT
last-modified
Thu, 29 Aug 2019 01:24:26 GMT
server
nginx
etag
"5d67294a-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
adlogs
log.popin.cc/log/popin_ads/ Frame 7B67 		66 B
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoiaW1wIiwidGltZV9zaG93X3NlY29uZHMiOjEsIm5pZCI6IjEyNDk4MzUzNyIsImNhbXBhaWduIjoiMTkwNjIwMyIsInRpbWVzdGFtcCI6MTcwMjYzNTYyNDk4NCwicmVjb21tZW5kX3Bvc2l0aW9uIjozLCJhZF9wb3NpdGlvbiI6MywiY2hhbm5lbF9pZCI6ImJhbm5lci0zeDEiLCJzY29yZSI6MC4wMDExMjI3MDk0MTgwNjA1MDQxLCJ2X2Rpc2hfbGFiZWxzIjoiIiwidl9kaXNoX3RsYWJlbHMiOiIiLCJ1bml0X3dpZHRoIjoyOTAsInVuaXRfaGVpZ2h0Ijo3MywiaW1hZ2Vfd2lkdGgiOjEyMCwiaW1hZ2VfaGVpZ2h0Ijo3MywiYzIiOjAuMDAwNjM4MDIzMTkzNDU5OTU3OCwidGl0bGUiOiLpgYvli5XkuZ/nmKbkuI3kuobnmoTpg6jkvY3vvIwg5ZCN5qih6Iqx6Iqx5Lmf5oSb55qE44CO6Z+z5rWqIOiEgumbleOAj++8jOaJk+mAoOe+jum6l+mrlOaFiyDlj4roh4npg6jovKrlu5PvvIEiLCJzYW1wbGUiOiIiLCJ2X2ZydWl0X3dvcmQiOiIiLCJpbWFnZV9oYXNoIjoiIiwiY2xhc3NpZnkiOiIiLCJpbWFnZSI6Imh0dHBzOi8vaW1hZ2Vhd3MucG9waW4uY2MvTUwvMzM1ZDljNjViNGY0OWI3OWI1NTdhYjFiZTVmNGI3MjQucG5nIiwic21qYWQiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoicmV1cmwuY2MiLCJ1cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsImdlb19jb3VudHJ5IjoidHciLCJsb2dpZCI6IjBlYzIzZDQyLWQ3N2EtNDhiNi04OTIwLTlmNDk3OGQzZGNlOCIsInVpZCI6IjEyZGQxNmM5ZTJkZDU1NDE1YjkxNzAyNjAzMjIzNjM2IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiNGYxNWE0OTAtZTRlYS00YWM4LWE4NDItNzUwYTBiNTYxNjYwIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIzMDB4MjUwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwczovL3JldXJsLmNjL2dhT1dMcCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4xMDkgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiV2luMzIiLCJ0ZF9ob3N0IjoicmV1cmwuY2MiLCJ0ZF9wYXRoIjoiL2dhT1dMcCIsInRkX3JlZmVycmVyIjoiaHR0cHM6Ly9yZXVybC5jYy9nYU9XTHAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTIwLjAuNjA5OSIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiI0ZjE1YTQ5MC1lNGVhLTRhYzgtYTg0Mi03NTBhMGI1NjE2NjAiLCJjYXRlZ29yeSI6IiIsImV4dHJhIjoiIiwiZnJ1aXRfc3R5bGUiOiI0IiwiYm94X3N0eWxlIjoiNCIsInJlZmVycmVyX3JlY29tbWVuZF90eXBlIjoiIiwiZG1mIjoibSIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1702635624987
Requested by
Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:24 GMT
last-modified
Fri, 10 Jan 2020 11:34:08 GMT
server
nginx/1.13.5
etag
"5e186130-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
fp.min.js
ecs.tagtoo.co/js/ Frame 7B67 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecs.tagtoo.co/js/fp.min.js
Requested by
Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/unitrack.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.102.218.41 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
41.218.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:17:34 GMT
content-encoding
gzip
age
170
x-guploader-uploadid
ABPtcPo5tgaqKfjz1LhssQl6iEU5j1ybomjAy9ZDqCdVD-NH8Wp4Wt7Y_1E93EAUFHryi84eZFikt_fDf0NPT2c7AiOO3c-VyPHT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12950
last-modified
Thu, 16 Sep 2021 09:25:47 GMT
server
UploadServer
etag
"5d9159073c44e4858b07d4445a1adceb"
vary
Accept-Encoding
x-goog-generation
1631784347603860
x-goog-hash
crc32c=paC+Ww==, md5=XZFZBzxE5IWLB9REWhrc6w==
access-control-allow-origin
*
access-control-expose-headers
Content-Type, Access-Control-Allow-Origin
cache-control
public, max-age=300
x-goog-stored-content-length
12950
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
expires
Fri, 15 Dec 2023 10:22:34 GMT
permanent
event.tagtoo.co/ Frame 7B67 		48 B
113 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://event.tagtoo.co/permanent?fp=8ad3c0e853da0b8a176678b7d3a47e36
Requested by
Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/unitrack.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
10.83.96.34.bc.googleusercontent.com
Software
uvicorn /
Resource Hash
03d38d8d568620866b2d25aed3f5950b6d168e6c3f6118ed7c4cb97ace842952

Request headers

Referer
https://reurl.cc/gaOWLp
X-TOKEN
a5808d50cbd8897ace6b6b62abf51d37c19e599aea49012c32a74de228b9
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 15 Dec 2023 10:20:22 GMT
via
1.1 google
server
uvicorn
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48
content-type
application/json
permanent
event.tagtoo.co/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.tagtoo.co/permanent?fp=8ad3c0e853da0b8a176678b7d3a47e36
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
10.83.96.34.bc.googleusercontent.com
Software
uvicorn /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-token
Access-Control-Request-Method
GET
Origin
https://reurl.cc
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers
Accept, Accept-Language, Content-Language, Content-Type, X-TOKEN
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Fri, 15 Dec 2023 10:20:24 GMT
server
uvicorn
via
1.1 google
v1
event.tagtoo.co/event/ Frame 7B67 		2 B
16 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://event.tagtoo.co/event/v1
Requested by
Host: ecs.tagtoo.co
URL: https://ecs.tagtoo.co/js/unitrack.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.83.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
10.83.96.34.bc.googleusercontent.com
Software
uvicorn /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 15 Dec 2023 10:20:24 GMT
via
1.1 google
server
uvicorn
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
application/json
/
ttd-cm.tagtoo.com.tw/prn/uidm/ Frame 7B67 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 04EB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAN3pHP3sA5y7i1QHXP72FOU_1napL1NgM3oagV640ISkakQSE1KVSVGYb3XsWOI4QTWg-hMMZaBQDG6YxN44UEj2DuSaAPvjoI8kORbQN4jQWoX5Y7FuTeKOrDivpKEkqW7jGubZIGbZ-hrSSZV-KwWB5PvujCCSG-ekcllt15I0nOR-KzoU88ahnJgfB2sMEa_NORug7-wj3VLaRXMZTzf1fe3NHM8gqzH_Mcr6aN5aonBLKxxKA0_vJQpADdkvWNBlZobDLVau-1KlCJkNoMOdqL8Bn0mS3RauiO5QjxuUnc6yPltxHOdyG1_Nt-mdGq3UUCvrLJC_MoX7zrZiJtC2btcbHzR_sI0V7qsBQl91sJZt2HNQGhhk0zRgCdI3lTTQLAnT-JLMcpw&sai=AMfl-YQRmEYEnUevTGgBLEI0zsNL3Z_pwbQqvAeUM4TJoEp4_bYJGWn51N8t9ftQ3v8j483Jd6B5laJ1-kRPDkZ5WS-1rrmB6ZG3wC2TvPRkzrpijZW42sn5o9NgtL9N1QfqMAugZgaEoQMYYIoQ6FlVc_dT&sig=Cg0ArKJSzEsn4lk7JY9tEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s29-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 15 Dec 2023 10:20:27 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s19-in-f2.1e100.net
Software
cafe /
Resource Hash
4cc92e164641e1a678c24a61f9e30392c3fa4ad5d7eb20743b8a8a1bdc869b56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12144
x-xss-protection
0
a
www.googletagmanager.com/ 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?v=3&t=l&pid=607207354&rv=3bt0&u=AAAAAAAAAAAAACA&h=Ag&gtm=45je3bt0v897965293&ccid=97965293&cid=G-N394QBRGC0&l=G-N394QBRGC0.L143.S6.Y81.B27.E4029.I176.EC6.TC17.HTC0~*.S0.V0.E61.TS5ogt1pdatav2.TI10.TE4.TS5ccdgalast.TI12.TE0.TS5ccdautoredact.TI13.TE0.TS5ccdconversionmarking.TI14.TE0.TS5ccdemvideo.TI15.TE0.TS5ccdemsitesearch.TI16.TE0.TS5ccdemscroll.TI17.TE0.TS5ccdempageview.TI18.TE0.TS5ccdemoutboundclick.TI19.TE0.TS5ccdemform.TI20.TE0.TS5ccdemdownload.TI21.TE0.TS5ccdgaregscope.TI22.TE0.TS5ogtgooglesignals.TI23.TE0.TS5ogtgagamlink.TI24.TE0.TS5setproductsettings.TI25.TE0.TS5ccdgafirst.TI26.TE0~gtm.js.S0.V0.E48.TS5gct.TI7.TE0~*~gtm.dom.S0.V0.E14~gtm.load.S0.V0.E1~gtm.init_consent.S1.V0.E40~GA713.339
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.206.232 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
kix06s10-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:27 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 15 Dec 2023 10:20:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6286 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

accept-ranges
bytes
age
16656
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 05:42:51 GMT
expires
Sat, 14 Dec 2024 05:42:51 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EF22 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s54-in-f4.1e100.net
Software
GSE /
Resource Hash
af3033bd6594a142767d16e7d6e5eccfd015aebc87a7e3a44df71d5b4b49ec52
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-r_u66VEahMkrUP9D3rG78g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
ja-JP

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-r_u66VEahMkrUP9D3rG78g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 15 Dec 2023 10:20:27 GMT
expires
Fri, 15 Dec 2023 10:20:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 6286 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s19-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 05:42:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
16664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 14 Dec 2024 05:42:43 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EF22 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=1135210058710717&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s19-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 6286 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?I4VwXQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 15 Dec 2023 10:20:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=1135210058710717&bg=!VFelVxjNAAY3kmNgF5I7ADQBe5WfOFZQowU5VmhztaowNn-iTHN2-jZf02Z9xwNiAIuR8MNKW3l5yt0PiHsnMyrk8gn3AgAAAEFSAAAACmgBB5kC1v0EmS1iI2EhgvS6SKO4lhYr-SIja7ANVOqmcfXLKkFhMJKFXKWrtujn3Savh_euke7d7zYn1Pk1ov-1ODhW-26ee4t8FHf-7DNr__fvJoa1RwSEUtmGvRBivY0p2_m0DYuS-dDBEP4ArBQmi6cqwIlbPxy7OdPu8PK4SPPBnuXLb4w4FRut8zOes7EYBHFAOCNWRFON6-0Yz_7mrCceKFhAB4wF3tYZF8IeflB1VIbMPaOpYzGATqA1wlQ7WqFiVcPKZ6_NioqTG4P-4Jc__ukMlspEa1UrIwGwnIcARpVG6V1puwoUiN3t3MOss-AtmgPSDqnZrNL-DFQHZQEA1Q7ffQADhzLXt-P3hq68EBflIOUHxrL7KoVICN4QuORu_DdfdPa86I8I2mRaT9MEjbf7C-zm3jMAbhlcZxvCMHxSyWqEikKS4yacX51DqFxrDc7g04c2GwZiXo00-CSZ4Pgb8Us5-RhV2_aWSceP1MNHxl8T7z7ThXii7M7dJrIZfLlCQX7uFBUWcmy4QYT5P4VsMF09eeocZQmxuTmQJd78EQkIoZxNaE1dK_3ArhzyLind3Ea63NZF6FbSUsMVHzzAjxnGyn7HeU_5VYFvKyEG0PjZbVE4WfkuUOHwJI6mmGs6K6OBVcwQR6SzGcGE1bbml1d0rkTGCau_aYGeyK64xz82u8gnWO0xyGVNijUEPy4S-phs6u7fddsU0srpdMCAxNY2M1VaJB9-r_dWG2HdntvqND_4TNOeBNWtT_vy6dxuQGYqAjSTF3BYYlcsV9KbBNt3ljHVPoFhl4xZ6XNfYRHv4DfNcCwJgTR_sc5ogPKm-lKc-FD0Akk-7ZIBU56Q_40KQwsa-GXqWvdxkFXUbaS5bJJvpD8HySVcogywWr1ewV3mNfoby2ztK_UfxSAnj5dOuPKHib76h7vNyxVQX4ISFH-OjOZ0giPpVNwJv7Cz4S3hPw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s19-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 04EB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsshLXkKaHr6CzEofjYcPZU5AZjXnAEDwaoF1LsWnn-3SsOc_q8ShPuPK5YAoL9nXI3aiWlfsw8pow4RI1Bpk9-hRYFaBdYopagefo773JvKdcTsEMNYcZHUdok8UJAGP_safARi-n-p2Sgb0deRllTOjF-M&sig=Cg0ArKJSzG7EpgSF-Dw0EAE&id=lidar2&mcvt=1000&p=108,650,358,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3242553145&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702635623548&rpt=3470&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.175.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s19-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
ja-JP
Referer
https://reurl.cc/gaOWLp
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 10:20:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702635622682&gcd=11l1l1l1l1&dma=0&cid=973735110.1702635623&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1702635623&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&_s=2&tfd=5858
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.175.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt20s18-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://reurl.cc/gaOWLp
accept-language
ja-JP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 15 Dec 2023 10:20:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reurl.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.facebook.com
URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2FgaOWLp%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19706.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=UNKNOWN&__rev=1010442454&__s=%3A%3Asiu4d2&__hsi=7312764314693240597&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__csr=&__sp=1
Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FCreditCards.com.tw%252F%26tabs%3Dtimeline%26width%3D340%26height%3D500%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId
Domain
www.facebook.com
URL
https://www.facebook.com/ajax/bz?__a=1&__ccg=UNKNOWN&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__hs=19706.BP%3Aplugin_default_pkg.2.0..0.0&__hsi=7312764314693240597&__req=4&__rev=1010442454&__s=%3A%3Asiu4d2&__sp=1&__user=0&dpr=1&jazoest=21650&lsd=13b1uESyW68M1Y_29SCaOI
Domain
ttd-cm.tagtoo.com.tw
URL
https://ttd-cm.tagtoo.com.tw/prn/uidm/?tuid=504ba3ab60ef2870ff5cf662ac8bc581&pid=1008&puid=12dd16c9e2dd55415b91702603223636&

Verdicts & Comments Add Verdict or Comment

166 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture object| sas object| googletag object| adloox_pubint object| anymindTS function| startAnymindTS function| gtag object| dataLayer function| Vue object| renews function| getRenewsFeeds object| app string| labelToken string| category string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue object| google_tag_manager undefined| google_measure_js_timing number| google_unique_id function| onYouTubeIframeAPIReady object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_145 object| Criteo object| Criteo_identitytag_145 object| regeneratorRuntime object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| _33across object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| brWidgetInit object| truvid_protected object| GoogleGcLKhOms object| google_image_requests

45 Cookies

Domain/Path Name / Value
.reurl.cc/ Name: _fbp
Value: fb.1.1702635622764.1669658210
.prnasia.com/ Name: __cf_bm
Value: pa_0B72WAkYm8.HB0ix93GzsUkIDEqZSoObFFIlLW1Y-1702635622-1-ASl0Ws/M45u+a10S8+LNfVlyMVdBYoCybCS08yYDce16tJ6lBZn5CjhVj1Kg3rXtcPugbM9Ygp1qKw/GH84gKPs=
.reurl.cc/ Name: _gid
Value: GA1.2.36470138.1702635623
.reurl.cc/ Name: _gat
Value: 1
.reurl.cc/ Name: _ga
Value: GA1.1.973735110.1702635623
.criteo.com/ Name: uid
Value: bb8feb63-c613-418e-a53c-325c2e898c06
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.reurl.cc/ Name: cto_bundle
Value: ddSp_185ZHlUdFJDV1BCJTJGYzBYc0tLYk5kdkdjbHJuUGpXR3ozVlE1RTVzYiUyRm9yU1hZazJhaElnYVdnJTJGa25NTEVuMWtSZmN1UWpIbGtlRXAwQjY4R2JWNzk5ZVRqNFolMkZWU3lGcEJmOU5mRFJEWXM3VnFIZiUyRnZCOUhVJTJGeG5QOEJPZWQ3bmUlMkJ4WVElMkZCbkR0bUYyQkUwT0VxUHJRJTNEJTNE
.openx.net/ Name: i
Value: 6922d2e3-2d02-41fe-983e-555d92e3e01f|1702635623
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 8e95a17023c576c1b46d950af9aa08ac
.reurl.cc/ Name: _cc_id
Value: 8e95a17023c576c1b46d950af9aa08ac
.reurl.cc/ Name: panoramaId_expiry
Value: 1703240423333
.reurl.cc/ Name: panoramaId
Value: 100d8edda8a6a4dbc72d8098c689185ca02c2909f3c41decdc475d41240b9463
.reurl.cc/ Name: panoramaIdType
Value: panoDevice
.doubleclick.net/ Name: IDE
Value: AHWqTUmloOjZ2G3KMdTz_ANJKClOA0Atz1OCgI5vVTQZxMnvGNeGD7ZED0Wx5nxELVE
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.reurl.cc/ Name: __gads
Value: ID=ed59de53153a59ab:T=1702635623:RT=1702635623:S=ALNI_MZYH_qkMQ_d55Kt1cGPkZK4kl7ueA
.reurl.cc/ Name: __gpi
Value: UID=00000caf1c1957c0:T=1702635623:RT=1702635623:S=ALNI_MZENtspDpGFPyjFuYd70MgDdK7w3w
.reurl.cc/ Name: _ga_N394QBRGC0
Value: GS1.1.1702635623.1.0.1702635623.60.0.0
.reurl.cc/ Name: _ss_pp_id
Value: 12dd16c9e2dd55415b91702603223636
.openx.net/ Name: pd
Value: v2|1702635623|jElYiuvOhI
.popin.cc/ Name: uid
Value: 12dd16c9e2dd55415b91702603223636
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzAyNjM1NjIzfQ
.adsrvr.org/ Name: TDID
Value: c3a7182d-4933-414e-bf69-8bc7679703a6
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwji8p3jxdi-PBAFOAE.
.openx.net/ Name: univ_id
Value: 537072971|c3a7182d-4933-414e-bf69-8bc7679703a6|1702635623844968
.ladsp.com/ Name: cr
Value: 1
.holmesmind.com/ Name: fcm
Value: 1
.ladsp.com/ Name: smn_uid
Value: NtQc683XyExkW7XA9fbeuRA8ZA2YeAw
.ladsp.com/ Name: lum
Value: CM6r9-fGMRIFCAMQ0AU
.in.treasuredata.com/ Name: _td_global
Value: b3401828-f1b9-42cc-95b6-5762ce9cce16
.doubleclick.net/ Name: DSID
Value: NO_DATA
.reurl.cc/ Name: CFFPCKUUID
Value: 6074-DyVwqpqvsuoaheKDlLHwfbwcisgj96EM
.reurl.cc/ Name: FPUUID
Value: 2608-28d45fb8d789013a3c99b1e7885b46c0
.reurl.cc/ Name: ISMD5VERSION
Value: 1
.hinet.net/ Name: uuid
Value: 76f1acc1-3ed2-4845-8260-e01daf697ff4
.lndata.com/ Name: admckid
Value: 2312151820231513847
.holmesmind.com/ Name: P
Value: 530371-eQqanjypJXlFhbUZ33C7lGF4wF6Fe37J
.holmesmind.com/ Name: Vision
Value: 20231215-23:59,20231215-21,20231215-21,20231215-23:59
.holmesmind.com/ Name: C
Value: null
.holmesmind.com/ Name: RK
Value: null
.reurl.cc/ Name: truvid_protected
Value: {"val":"f","level":0,"geo":"JP","timestamp":1702635625}
.reurl.cc/ Name: _td
Value: 4f15a490-e4ea-4ac8-a842-750a0b561660
.popin.cc/ Name: __mguid_
Value: f5ef61ca5b1e06c52323f700lq6hagbo

4 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://cm-dev-poc.holmesmind.com/fp
Message:
Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

76f1acc1-3ed2-4845-8260-e01daf697ff4.t.ssp.hinet.net
944a600793302a39c3c2044e4be9c84d.safeframe.googlesyndication.com
ad.holmesmind.com
ad.tagtoo.co
analytics.google.com
anymind360.com
api.popin.cc
asset.re-news.tw
bcp.crwdcntrl.net
blog.alphaloan.co
c.holmesmind.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.holmesmind.com
cdn.jsdelivr.net
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cm.lndata.com
cnt.trvdp.com
connect.facebook.net
cr-p3.ladsp.com
creditcards.com.tw
ecs.tagtoo.co
event.tagtoo.co
fcm.holmesmind.com
fcm2.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
go.trvdp.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
imageaws.popin.cc
img.gbyhn.com.tw
img.racingcharger.tw
in.treasuredata.com
inrecsys.popin.cc
invstatic101.creativecdn.com
jp-u.openx.net
log.popin.cc
m.holmesmind.com
match.adsrvr.org
mma.prnasia.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
r.popin.cc
re-news.tw
reurl.cc
rt.ad-score.com
s.trvdp.com
scontent-nrt1-1.xx.fbcdn.net
securepubads.g.doubleclick.net
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
stg.truvidplayer.com
storage.re-news.tw
storage.reurl.cc
t.ssp.hinet.net
tags.crwdcntrl.net
tg.socdm.com
tpc.googlesyndication.com
trace.popin.cc
ttd-cm.tagtoo.com.tw
tw.popin.cc
uec.tagtoo.co
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.rayskyinvest.com
ttd-cm.tagtoo.com.tw
www.facebook.com
104.17.239.194
104.21.96.9
116.50.36.71
119.63.193.220
119.63.197.136
119.63.198.143
119.63.198.180
119.63.198.188
119.63.198.189
13.112.169.241
13.113.11.114
13.251.47.187
13.33.174.96
142.250.196.99
142.250.198.3
142.250.206.232
142.250.207.4
142.251.222.2
142.251.42.129
142.251.42.162
143.204.126.3
143.204.86.119
143.204.86.31
15.197.193.217
151.101.1.229
151.101.193.55
172.217.161.74
172.217.175.1
172.217.175.110
172.217.175.14
172.217.175.226
172.217.175.34
172.217.175.66
172.64.152.89
173.194.174.157
18.172.52.87
18.182.103.101
18.65.185.16
18.65.185.40
182.161.74.1
182.161.74.11
192.0.78.187
192.0.78.25
203.75.214.136
211.120.53.206
216.58.220.129
31.13.82.36
31.13.82.7
34.102.146.192
34.102.218.41
34.107.150.21
34.111.12.34
34.117.23.234
34.120.135.53
34.149.98.30
34.160.17.71
34.95.67.231
34.96.70.87
34.96.83.10
35.185.130.121
35.185.136.122
35.201.76.93
35.208.216.174
35.213.89.133
35.227.249.156
35.244.159.8
35.244.196.223
57.181.98.169
61.216.47.122
99.84.133.14
037bd36b23b3c140a57277c93ed4c586b2759f97c6d7a8bd6ebbf54d3c629e6d
03d38d8d568620866b2d25aed3f5950b6d168e6c3f6118ed7c4cb97ace842952
05cab1d78cce8922cfc4b520eece4d1683d78f824894060dba4174c152f44d89
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71
094519e9151eb01e7ce6adcb098638de24d0cf5f9182632d0f54c65a60a09e94
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2
0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3
108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1eef2d71c36d9939f425f08c72a774b840850d2fccc637c28dc5f43e804fdbb2
2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef
2bd0ddcb6972531a5e93a4152a9903b859480510430ce5483008383d72f91ed2
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2c78537370db283e881520b103a2f8198613f89d54eaa13dd566137d029c8fc5
2ca9b8154eda919124700c5a189c42215aa9be89ba443d7d2fee713ed5a99ba5
2d98213d5267f7ae207fd5d7469f0ffc82b2c1b413a0d066e1b004f200fccbab
2eab2b7adfd71b5cf3fe3747f993d26520691d544bb7fc4338dc049b4f0d1c2c
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3abc2cf308effad347741a64ceb2e89090062f1a1435e68b471177f87800f7e7
3bee7ba056f5c932c33bc388aa4e7f9275e1b07d11cd6aae039dd274d2c99594
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38
4372a9b8ce26d68f5c9a53975683bc05d3df25cf5a2e0177569f58258b6be160
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4cc92e164641e1a678c24a61f9e30392c3fa4ad5d7eb20743b8a8a1bdc869b56
4cfb2fc5725c2717da03dfd1f68847cfd3e194b6aac29bb4630ebedf242a76eb
4cff4212145b681f769f38c90dcef6433f17863f418f00c2881fe547cd86c4c8
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
52ac73f3f70e5fb8aec73f2866f3549d1cacb6022b8710d6d432326571543bc0
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561df1b2a900c7564a7c7ce397c38d145d1fd19e9dace210902125bd5b5a8df4
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c
5f170477597d1e3c8d780789ece124ec1f6df29aa5efe45102401af3b660030f
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6480d194b98b9fc3e4589a44b7e54b81ad926722e5b6fb7cc236161e2c2e03ac
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e
691c942937cc7b012a40cbf9b4952136c4494bd1c1655d8ea1b88eb1fc765095
698fe0a6500f771d98d1ca713a5445d523fac649207572b69123699702854c0b
6c2fb26a735ec81c19e5078d61251379be634e324f416ca9e679725b318ff913
6c94aa17634aec5b96dbd4b061fbdc15dd95152449167fb0b61e4ba74224f573
6eafd5ec6725e90f6b921677cd3a321fb46813d8252eef1a9858c453a648b0c4
6f0f9fc26e45915f670425ff27abc25970778edf1c64f1b95809c4439e240c36
6fff16c8d8e2d8e5a5fa52c6b0878a7875136cec9002c58b73dc258685b30335
7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
758e4595ae4f28c5c74f752c9a702e88eb257dc69040fca0252b42feecb9f13f
764b78f93d1b371f2a36b7987627f9b18f19fd18fea4ff6dab7c6870a288973d
76ef3fb13b0de7baec1b77aa515dba7fe735b8883690b1a8829e01cacf73c0aa
7f636545bfe60be8f60da5ca8c14329df87a55f9c091eaa84ac3f6508fefb00d
7f9bccc769774a7d85aa077bf15afdc4957d97bf48a2faf1878975e2c18c49ea
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e80159fc0f0e914229e9916e1c85cb59b2a6af77d53d6b528bf464ef9aeb3b
8e7784a4ac217e81bfc78060c55fe542fcf2b26eb5ce28d0513805593bb6b624
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
91098ce09c5b18dbfef38102f3ebb8fb8fa7c4bcdf2aaf50324dfa9378f57bcf
92edda4f7c7c5f5c4c34e428e911e2abcd1b0c4b1b02c95a76f8704a8177529b
940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
970bfb4004579c73787d2f2744ce0c8c66d202ffbfd553ce318f458fdcfec5c0
98e9b23f13d3a63f282b04fc8bdb20341f7ca204070f15b5db0bc1a17538b187
990706829aa2bca47e97f5e8968b4cf8841c7c54c2ca26deb6be90dd62fc9310
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a58a1ad132f9f6b359f0f52e7a9694db949d8b4d9cd0f1f1c2cd746294cd41c0
a7bdc71d348b7ea1e4002e75c3a4b4d12bf8666f713f451b2e541294059e6231
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
ad939677568b08c5be2f82a3eb6198c75a7f96b724aff7277e6fe82f110f842e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af3033bd6594a142767d16e7d6e5eccfd015aebc87a7e3a44df71d5b4b49ec52
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b24874f19ca4d89a153e31a2593b10f8bce455aa885ed7fdc14d46ffa245fe27
b2dc63cfd50e02d0256033b0cb7c97c44830fff6a2dec2fc92abf0bbadf1c5e1
b3a7346cae0525400bb6539496990f7de2ee33862cb6e38fd82f0e463d367e1a
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b6d132d4c6e689d9c18f52b97559792b709570c2da280030a19b24558cc07394
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22
bb355af5899b88aa60cd1ee8e1cc49e85e44b4c19164cb440e70387096c355cd
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c673bfbbeb6fe323b05cebc869e3355c33a8cac53069ae61aa6a940265e4b84a
c74c20f069307b7268e813d5c299557c24bc681357e602efcbb808c1d4d17636
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
ceddce623458efca1b3b4cc5a8a04d84e70823af209d3825e528f89a51f60d46
d1bd63170e4cba4a8408381a617375d2e60a2546c06adda69a9f484c73d58265
d20139c9138e849d5f5935bcc482be2b21e43ae116ff4950ed4e5c89dba0184b
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265
d4d6346b18fd7d68cb2133e761085b56df8cd8b7af6b8a32393f5ab9a9f71700
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d682b3479a3d8e2e6e5da9d656b693e083e96472b8164a30a8105815f34315c4
d8e65749a56b2ac5451d794970517649fc715938e7e65ce0d45d2380d8b53ab5
dc4fc490cd4de8d904a7f92cb76eff153ce8fe29c95e6a2ef34f1e4c5653f68a
dce3a7d75903f3a00ff7b72c2b3f3e34c786c0867a1398caa5212977e721d1b0
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68718c41ef1c23f1640623633d26706d9cc4cf198c72be002c8594f9f9efcac
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8d0aae7148408df4d2472412cb912ad28f6511bfd5a765b2f0b806fdf54c581
e9b96bc538ceb220fc5caff0d0a67916b74cf07b2bada0b3296a17b1b99c9990
eb55c0d56ac8124fa9f30df52a33f39d2ace6c26a94f755d31e829a81dd2cc61
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0761a75d725daf4c2704c79695201236d4ccbe4d39a26c039300275b28a3ccf
f2415a5fbb844b1c2fdf48ce0bb9dfa2694a153695ca753dc5f84170b334041b
f276072e7a6c8d236837b6bb94ed110bb58715939479dde97a86aae4589cba78
f6c1aa49a5666d3e6e3998ef14751062a401fb45323d3a80d7bb0afecf0b0872
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
fd5ab52da021087bc78c866c8a8649b61d3f74e2f6273e6649892290f40ee5f4
fdfb2e2bb687472d594ec75115f6fe8bf498e8b21a3cfe794b965a81c362f425