reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://reurl.cc/gaOWLp
Submission Tags: gc
Submission: On December 08 via api (December 8th 2023, 5:08:31 am UTC) from JP — Scanned from JP

Summary HTTP 407 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 88 IPs in 6 countries across 61 domains to perform 407 HTTP transactions. The main IP is 35.185.130.121, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is reurl.cc. The Cisco Umbrella rank of the primary domain is 116978.
TLS certificate: Issued by R3 on November 18th 2023. Valid for: 3 months.

This is the only time reurl.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	35.185.130.121 35.185.130.121	15169 (GOOGLE) (GOOGLE)
2	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
5	34.149.98.30 34.149.98.30	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	151.101.1.55 151.101.1.55	54113 (FASTLY) (FASTLY)
1	142.251.42.136 142.251.42.136	15169 (GOOGLE) (GOOGLE)
2 16	142.250.196.98 142.250.196.98	15169 (GOOGLE) (GOOGLE)
11	31.13.82.36 31.13.82.36	32934 (FACEBOOK) (FACEBOOK)
1	35.244.196.223 35.244.196.223	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
61	31.13.82.7 31.13.82.7	32934 (FACEBOOK) (FACEBOOK)
3	172.217.175.110 172.217.175.110	15169 (GOOGLE) (GOOGLE)
1	34.117.23.234 34.117.23.234	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.17.238.194 104.17.238.194	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	61.216.47.122 61.216.47.122	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	172.67.150.31 172.67.150.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.0.78.24 192.0.78.24	2635 (AUTOMATTIC) (AUTOMATTIC)
1	34.120.190.48 34.120.190.48	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.33.174.59 13.33.174.59	16509 (AMAZON-02) (AMAZON-02)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	192.0.78.187 192.0.78.187	2635 (AUTOMATTIC) (AUTOMATTIC)
10	157.240.31.5 157.240.31.5	32934 (FACEBOOK) (FACEBOOK)
2	142.251.170.155 142.251.170.155	15169 (GOOGLE) (GOOGLE)
2	216.239.32.181 216.239.32.181	15169 (GOOGLE) (GOOGLE)
2	142.251.42.163 142.251.42.163	15169 (GOOGLE) (GOOGLE)
4	182.161.74.1 182.161.74.1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.65.185.102 18.65.185.102	16509 (AMAZON-02) (AMAZON-02)
5	142.250.207.97 142.250.207.97	15169 (GOOGLE) (GOOGLE)
2	142.250.199.100 142.250.199.100	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.215.134.10 13.215.134.10	16509 (AMAZON-02) (AMAZON-02)
1	18.172.52.87 18.172.52.87	16509 (AMAZON-02) (AMAZON-02)
6	142.251.42.130 142.251.42.130	15169 (GOOGLE) (GOOGLE)
1	18.65.185.129 18.65.185.129	16509 (AMAZON-02) (AMAZON-02)
15	143.204.126.128 143.204.126.128	16509 (AMAZON-02) (AMAZON-02)
4	182.161.74.11 182.161.74.11	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
4	172.217.175.74 172.217.175.74	15169 (GOOGLE) (GOOGLE)
21	172.217.174.97 172.217.174.97	15169 (GOOGLE) (GOOGLE)
2	142.251.222.35 142.251.222.35	15169 (GOOGLE) (GOOGLE)
4	172.217.175.66 172.217.175.66	15169 (GOOGLE) (GOOGLE)
27	142.250.207.2 142.250.207.2	15169 (GOOGLE) (GOOGLE)
12	23.61.252.81 23.61.252.81	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	143.204.86.90 143.204.86.90	16509 (AMAZON-02) (AMAZON-02)
3 3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	124.146.153.164 124.146.153.164	2514 (INFOSPHER...) (INFOSPHERE NTT PC Communications)
2 2	99.84.133.60 99.84.133.60	16509 (AMAZON-02) (AMAZON-02)
8 13	142.251.222.34 142.251.222.34	15169 (GOOGLE) (GOOGLE)
4	54.95.167.198 54.95.167.198	16509 (AMAZON-02) (AMAZON-02)
1	116.50.36.71 116.50.36.71	18046 (DONGFONG-...) (DONGFONG-TW DongFong Technology Co. Ltd.)
2	18.178.12.4 18.178.12.4	16509 (AMAZON-02) (AMAZON-02)
1	34.95.67.231 34.95.67.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	52.192.40.163 52.192.40.163	16509 (AMAZON-02) (AMAZON-02)
7	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 2	35.201.76.93 35.201.76.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.227.249.156 35.227.249.156	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	202.233.84.8 202.233.84.8	131957 (MICROAD M...) (MICROAD MicroAd)
5 9	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.86.127 143.204.86.127	16509 (AMAZON-02) (AMAZON-02)
1	210.59.219.34 210.59.219.34	3462 (HINET Dat...) (HINET Data Communication Business Group)
4	142.250.196.99 142.250.196.99	15169 (GOOGLE) (GOOGLE)
2 4	35.190.36.98 35.190.36.98	15169 (GOOGLE) (GOOGLE)
2 2	172.104.121.22 172.104.121.22	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
2	182.161.74.18 182.161.74.18	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	35.208.216.174 35.208.216.174	15169 (GOOGLE) (GOOGLE)
4 6	142.251.42.198 142.251.42.198	15169 (GOOGLE) (GOOGLE)
10	34.149.43.113 34.149.43.113	15169 (GOOGLE) (GOOGLE)
4	2.18.148.226 2.18.148.226	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	142.250.199.106 142.250.199.106	15169 (GOOGLE) (GOOGLE)
16	3.234.113.32 3.234.113.32	14618 (AMAZON-AES) (AMAZON-AES)
8	23.40.148.48 23.40.148.48	16625 (AKAMAI-AS) (AKAMAI-AS)
5	3.112.170.251 3.112.170.251	16509 (AMAZON-02) (AMAZON-02)
31	157.240.31.8 157.240.31.8	32934 (FACEBOOK) (FACEBOOK)
1 1	23.208.233.60 23.208.233.60	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.40.149.60 23.40.149.60	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	139.99.123.206 139.99.123.206	16276 (OVH) (OVH)
2 5	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1	142.250.207.102 142.250.207.102	15169 (GOOGLE) (GOOGLE)
5 6	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
16	142.250.198.2 142.250.198.2	15169 (GOOGLE) (GOOGLE)
1 1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
9 13	8.39.36.141 8.39.36.141	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	67.220.224.144 67.220.224.144	16509 (AMAZON-02) (AMAZON-02)
1 1	18.136.146.191 18.136.146.191	16509 (AMAZON-02) (AMAZON-02)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	13.113.132.165 13.113.132.165	16509 (AMAZON-02) (AMAZON-02)
1	103.43.90.19 103.43.90.19	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.77.135.86 52.77.135.86	16509 (AMAZON-02) (AMAZON-02)
1 2	69.175.41.79 69.175.41.79	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	131.153.206.101 131.153.206.101	59210 (PHOENIXNA...) (PHOENIXNAP-AS-SG1 PhoenixNAP)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	18.65.207.56 18.65.207.56	16509 (AMAZON-02) (AMAZON-02)
1 2	18.65.185.99 18.65.185.99	16509 (AMAZON-02) (AMAZON-02)
2	142.250.196.131 142.250.196.131	15169 (GOOGLE) (GOOGLE)
2	142.250.206.226 142.250.206.226	15169 (GOOGLE) (GOOGLE)
407	88

1 35.185.130.121 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 121.130.185.35.bc.googleusercontent.com

reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.149.98.30 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 30.98.149.34.bc.googleusercontent.com

storage.reurl.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.55 (United States)

ASN54113 (FASTLY, US)

anymind360.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.42.136 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.196.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 31.13.82.36 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-nrt1.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.196.223 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 223.196.244.35.bc.googleusercontent.com

storage.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

61 31.13.82.7 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-nrt1.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.175.110 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s21-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.23.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.23.117.34.bc.googleusercontent.com

asset.re-news.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.238.194 (None, )

ASN13335 (CLOUDFLARENET, US)

mma.prnasia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.216.47.122 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 61-216-47-122.hinet-ip.hinet.net

img.racingcharger.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.150.31 (United States)

ASN13335 (CLOUDFLARENET, US)

img.gbyhn.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.24 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

creditcards.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.190.48 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 48.190.120.34.bc.googleusercontent.com

www.rayskyinvest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.174.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-174-59.nrt57.r.cloudfront.net

static.wixstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i0.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.78.187 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

blog.alphaloan.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 157.240.31.5 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-nrt1.fbcdn.net

scontent-nrt1-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
external-nrt1-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.170.155 (United States)

ASN15169 (GOOGLE, US)
PTR: tc-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.32.181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.42.163 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f3.1e100.net

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 182.161.74.1 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.185.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-102.nrt57.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.207.97 (United States)

ASN15169 (GOOGLE, US)
PTR: kix06s11-in-f1.1e100.net

2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.199.100 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.215.134.10 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-215-134-10.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.172.52.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-52-87.nrt20.r.cloudfront.net

cnt.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.42.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.185.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-129.nrt57.r.cloudfront.net

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 143.204.126.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-126-128.nrt20.r.cloudfront.net

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.175.74 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s20-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 172.217.174.97 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s28-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.222.35 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s72-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.175.66 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt20s20-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.207.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s54-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 23.61.252.81 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-61-252-81.deploy.static.akamaitechnologies.com

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jp-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.86.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-86-90.nrt12.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 124.146.153.164 (Kakegawa, Japan) 1 redirects

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.133.60 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-133-60.nrt57.r.cloudfront.net

cr-p3.ladsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.251.222.34 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: nrt13s72-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.95.167.198 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)

cm.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.178.12.4 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-12-4.ap-northeast-1.compute.amazonaws.com

cm-dev-poc.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.192.40.163 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-40-163.ap-northeast-1.compute.amazonaws.com

fcm2.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
68c355f7-9a7a-4602-ad1f-bb774a29aaa3.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.76.93 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.249.156 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 156.249.227.35.bc.googleusercontent.com

m.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.233.84.8 (Japan) 2 redirects

ASN131957 (MICROAD MicroAd, Inc., JP)

s-cs.send.microad.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.64.151.101 (United States) 5 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.86.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-86-127.nrt12.r.cloudfront.net

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.59.219.34 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-34.hinet-ip.hinet.net

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.196.99 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s35-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.36.98 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.104.121.22 (Tokyo, Japan) 2 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1731-22.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.74.18 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.216.174 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 174.216.208.35.bc.googleusercontent.com

rt.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.42.198 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.149.43.113 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 113.43.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-ae1.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.148.226 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-18-148-226.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.199.106 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s52-in-f10.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 3.234.113.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-113-32.compute-1.amazonaws.com

p.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.40.148.48 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-148-48.deploy.static.akamaitechnologies.com

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.112.170.251 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-112-170-251.ap-northeast-1.compute.amazonaws.com

d9.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 157.240.31.8 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)
PTR: edge-video-shv-02-nrt1.fbcdn.net

video-nrt1-2.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.208.233.60 (Tokyo, Japan) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-233-60.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.40.149.60 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-40-149-60.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 139.99.123.206 (Singapore, Singapore) 1 redirects

ASN16276 (OVH, FR)
PTR: ads2-sgp.stickyadstv.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.46.130.91 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.207.102 (United States)

ASN15169 (GOOGLE, US)
PTR: kix06s11-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 8.39.36.142 (United States) 5 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.198.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s58-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 8.39.36.141 (Los Angeles, United States) 9 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 67.220.224.144 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.136.146.191 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-146-191.ap-southeast-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.113.132.165 (Tokyo, Japan) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-132-165.ap-northeast-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.43.90.19 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.77.135.86 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-135-86.ap-southeast-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.175.41.79 (Park Ridge, United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)
PTR: sovrn-193627-chi03-placeholder

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.153.206.101 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.207.56 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-65-207-56.nrt57.r.cloudfront.net

live.primis.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.65.185.99 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-65-185-99.nrt57.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync1.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.196.131 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f3.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.206.226 (United States)

ASN15169 (GOOGLE, US)
PTR: kix06s10-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
97	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 953 scontent-nrt1-2.xx.fbcdn.net — Cisco Umbrella Rank: 168904 external-nrt1-2.xx.fbcdn.net — Cisco Umbrella Rank: 825649 video-nrt1-2.xx.fbcdn.net	3 MB
53	googlesyndication.com 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 148 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	314 KB
53	doubleclick.net 14 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139 pubads.g.doubleclick.net — Cisco Umbrella Rank: 414	317 KB
26	holmesmind.com 1 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 132288 ad.holmesmind.com — Cisco Umbrella Rank: 104322 cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 171925 fcm.holmesmind.com — Cisco Umbrella Rank: 210108 fcm2.holmesmind.com — Cisco Umbrella Rank: 154750 c.holmesmind.com — Cisco Umbrella Rank: 107592 m.holmesmind.com — Cisco Umbrella Rank: 190604	152 KB
23	rubiconproject.com 16 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946 eus.rubiconproject.com — Cisco Umbrella Rank: 588 token.rubiconproject.com — Cisco Umbrella Rank: 461 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1237 pixel.rubiconproject.com — Cisco Umbrella Rank: 339	29 KB
22	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 489 rtb0.doubleverify.com — Cisco Umbrella Rank: 754 tps.doubleverify.com — Cisco Umbrella Rank: 505 tpsc-ae1.doubleverify.com — Cisco Umbrella Rank: 15385	466 KB
19	trvdp.com cnt.trvdp.com — Cisco Umbrella Rank: 38270 go.trvdp.com — Cisco Umbrella Rank: 34674 s.trvdp.com — Cisco Umbrella Rank: 30609 p.trvdp.com — Cisco Umbrella Rank: 25583	147 KB
17	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 923 cdn.flashtalking.com — Cisco Umbrella Rank: 1337 d9.flashtalking.com — Cisco Umbrella Rank: 1842 secure.flashtalking.com — Cisco Umbrella Rank: 2874	240 KB
11	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	96 KB
9	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	5 KB
8	amazon-adsystem.com 4 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 285 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 807	5 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	144 KB
7	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 84860 68c355f7-9a7a-4602-ad1f-bb774a29aaa3.t.ssp.hinet.net	6 KB
7	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1639 google-bidout-d.openx.net — Cisco Umbrella Rank: 1643 us-u.openx.net — Cisco Umbrella Rank: 491 jp-u.openx.net — Cisco Umbrella Rank: 15595	2 KB
6	appier.net 4 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 52931 gocm.c.appier.net — Cisco Umbrella Rank: 2197	1 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29 imasdk.googleapis.com — Cisco Umbrella Rank: 487	371 KB
6	criteo.com gum.criteo.com — Cisco Umbrella Rank: 424 bidder.criteo.com — Cisco Umbrella Rank: 776	13 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	383 KB
6	google.com analytics.google.com — Cisco Umbrella Rank: 152 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 93	2 KB
6	reurl.cc reurl.cc — Cisco Umbrella Rank: 116978 storage.reurl.cc — Cisco Umbrella Rank: 432247	6 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 168	229 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
4	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 27502	17 KB
4	criteo.net static.criteo.net — Cisco Umbrella Rank: 631	57 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 331	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	intentiq.com 1 redirects sync.intentiq.com — Cisco Umbrella Rank: 846 sync1.intentiq.com — Cisco Umbrella Rank: 2869	2 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 465	1 KB
2	lijit.com 1 redirects ce.lijit.com — Cisco Umbrella Rank: 835	1 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 563	1 KB
2	stickyadstv.com 1 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 526	1 KB
2	microad.jp 2 redirects s-cs.send.microad.jp — Cisco Umbrella Rank: 17722	1 KB
2	ladsp.com 2 redirects cr-p3.ladsp.com — Cisco Umbrella Rank: 25818	1 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 979 bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	12 KB
2	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2133 prebid-asia.creativecdn.com — Cisco Umbrella Rank: 26644	2 KB
2	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 26283	515 B
2	re-news.tw storage.re-news.tw asset.re-news.tw	435 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	58 KB
1	primis.tech 1 redirects live.primis.tech — Cisco Umbrella Rank: 1398	556 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 751	451 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 495	280 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 229	942 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 327	515 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	617 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	17 KB
1	ad-score.com rt.ad-score.com — Cisco Umbrella Rank: 27242	591 B
1	scupio.com prebid.scupio.com — Cisco Umbrella Rank: 92120	168 B
1	lndata.com cm.lndata.com — Cisco Umbrella Rank: 161265	470 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1450	858 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1740	8 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1352	5 KB
1	alphaloan.co blog.alphaloan.co	181 KB
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3858	107 KB
1	wixstatic.com static.wixstatic.com — Cisco Umbrella Rank: 5797	248 KB
1	rayskyinvest.com www.rayskyinvest.com	612 KB
1	creditcards.com.tw creditcards.com.tw	48 KB
1	gbyhn.com.tw img.gbyhn.com.tw	401 KB
1	racingcharger.tw img.racingcharger.tw	307 KB
1	prnasia.com mma.prnasia.com — Cisco Umbrella Rank: 534895	85 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	92 KB
1	anymind360.com anymind360.com — Cisco Umbrella Rank: 20760	42 KB
407	61

	Domain	Requested by
56	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
31	video-nrt1-2.xx.fbcdn.net	static.xx.fbcdn.net
27	pagead2.googlesyndication.com	2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com reurl.cc pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com imasdk.googleapis.com securepubads.g.doubleclick.net
21	tpc.googlesyndication.com	2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net
16	pubads.g.doubleclick.net	imasdk.googleapis.com
16	p.trvdp.com	reurl.cc
15	cdn.holmesmind.com	securepubads.g.doubleclick.net cdn.holmesmind.com ad.holmesmind.com reurl.cc
13	pixel.rubiconproject.com	9 redirects reurl.cc
13	cm.g.doubleclick.net	8 redirects google-bidout-d.openx.net googleads.g.doubleclick.net reurl.cc
12	cdn.doubleverify.com	2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com cdn.doubleverify.com reurl.cc cdn.flashtalking.com
12	securepubads.g.doubleclick.net	2 redirects reurl.cc securepubads.g.doubleclick.net www.googletagservices.com
11	www.facebook.com	reurl.cc static.xx.fbcdn.net connect.facebook.net
9	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
8	scontent-nrt1-2.xx.fbcdn.net	www.facebook.com
6	token.rubiconproject.com	5 redirects eus.rubiconproject.com
6	ad.doubleclick.net	4 redirects 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
6	t.ssp.hinet.net	cdn.holmesmind.com t.ssp.hinet.net
6	www.googletagservices.com	securepubads.g.doubleclick.net 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
5	s.amazon-adsystem.com	2 redirects reurl.cc
5	d9.flashtalking.com	cdn.flashtalking.com d9.flashtalking.com reurl.cc
5	tps.doubleverify.com	cdn.doubleverify.com 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
5	2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	connect.facebook.net	storage.reurl.cc connect.facebook.net fcm2.holmesmind.com cdn.holmesmind.com
5	storage.reurl.cc	reurl.cc
4	secure.flashtalking.com	2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com cdn.flashtalking.com
4	cdn.flashtalking.com	servedby.flashtalking.com 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
4	servedby.flashtalking.com	2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com reurl.cc
4	ad2.apx.appier.net	2 redirects reurl.cc
4	www.googleadservices.com	reurl.cc
4	fonts.gstatic.com	fonts.googleapis.com
4	ad.holmesmind.com	cdn.holmesmind.com reurl.cc
4	stg.truvidplayer.com	go.trvdp.com s.trvdp.com reurl.cc
4	googleads.g.doubleclick.net	2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com pagead2.googlesyndication.com
4	fonts.googleapis.com	2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
4	gum.criteo.com	static.criteo.net gum.criteo.com
4	static.criteo.net	securepubads.g.doubleclick.net cdn.holmesmind.com reurl.cc
3	tpsc-ae1.doubleverify.com	cdn.doubleverify.com
3	aax-eu.amazon-adsystem.com	2 redirects reurl.cc
3	match.adsrvr.org	3 redirects
3	www.google-analytics.com	storage.reurl.cc www.google-analytics.com reurl.cc
2	adservice.google.com	reurl.cc
2	csi.gstatic.com	imasdk.googleapis.com
2	pixel.tapad.com	1 redirects reurl.cc
2	ce.lijit.com	1 redirects reurl.cc
2	match.prod.bidr.io	2 redirects
2	ads.stickyadstv.com	1 redirects reurl.cc
2	eus.rubiconproject.com	s.trvdp.com eus.rubiconproject.com
2	imasdk.googleapis.com	s.trvdp.com imasdk.googleapis.com
2	rtb0.doubleverify.com	cdn.doubleverify.com
2	bidder.criteo.com	static.criteo.net
2	gocm.c.appier.net	2 redirects
2	s-cs.send.microad.jp	2 redirects
2	external-nrt1-2.xx.fbcdn.net	www.facebook.com
2	c.holmesmind.com	1 redirects cdn.holmesmind.com
2	cm-dev-poc.holmesmind.com	cdn.holmesmind.com
2	cr-p3.ladsp.com	2 redirects
2	jp-u.openx.net	google-bidout-d.openx.net
2	us-u.openx.net	google-bidout-d.openx.net
2	www.gstatic.com	2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
2	oajs.openx.net	1 redirects reurl.cc
2	www.google.com	reurl.cc tpc.googlesyndication.com
2	www.google.co.jp	reurl.cc
2	analytics.google.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	cdn.jsdelivr.net	reurl.cc
1	sync1.intentiq.com	reurl.cc
1	sync.intentiq.com	1 redirects
1	live.primis.tech	1 redirects
1	prebid.a-mo.net	reurl.cc
1	match.sharethrough.com	reurl.cc
1	ib.adnxs.com	reurl.cc
1	px.ads.linkedin.com	reurl.cc
1	pr-bh.ybp.yahoo.com	1 redirects
1	pixel-us-east.rubiconproject.com	1 redirects
1	s0.2mdn.net	imasdk.googleapis.com
1	secure-assets.rubiconproject.com	1 redirects
1	68c355f7-9a7a-4602-ad1f-bb774a29aaa3.t.ssp.hinet.net	cdn.holmesmind.com
1	rt.ad-score.com	s.trvdp.com
1	prebid-asia.creativecdn.com	cdn.holmesmind.com
1	prebid.scupio.com	cdn.holmesmind.com
1	s.trvdp.com	go.trvdp.com
1	m.holmesmind.com	cdn.holmesmind.com
1	fcm2.holmesmind.com	cdn.holmesmind.com
1	fcm.holmesmind.com	cdn.holmesmind.com
1	cm.lndata.com	cdn.holmesmind.com
1	tg.socdm.com	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	go.trvdp.com	cnt.trvdp.com
1	cnt.trvdp.com	securepubads.g.doubleclick.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	blog.alphaloan.co	reurl.cc
1	i0.wp.com	reurl.cc
1	static.wixstatic.com	reurl.cc
1	www.rayskyinvest.com	reurl.cc
1	creditcards.com.tw	reurl.cc
1	img.gbyhn.com.tw	reurl.cc
1	img.racingcharger.tw	reurl.cc
1	mma.prnasia.com	reurl.cc
1	asset.re-news.tw	reurl.cc
1	storage.re-news.tw	storage.reurl.cc
1	www.googletagmanager.com	reurl.cc
1	anymind360.com	reurl.cc
1	reurl.cc
407	107

This site contains links to these domains. Also see Links.

Domain
re-news.tw
youtils.cc
www.comptw.com
stockinfo.tw

Subject Issuer	Validity	Valid
reurl.cc R3	`2023-11-18` - `2024-02-16`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
storage.reurl.cc GTS CA 1D4	`2023-10-14` - `2024-01-12`	3 months	crt.sh
anymind360.com R3	`2023-10-25` - `2024-01-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-16` - `2023-12-15`	3 months	crt.sh
storage.re-news.tw GTS CA 1D4	`2023-12-07` - `2024-03-06`	3 months	crt.sh
asset.re-news.tw GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.prnasia.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-11-24`	a year	crt.sh
img.racingcharger.tw cPanel, Inc. Certification Authority	`2023-10-22` - `2024-01-20`	3 months	crt.sh
gbyhn.com.tw GTS CA 1P5	`2023-11-20` - `2024-02-18`	3 months	crt.sh
tls.automattic.com R3	`2023-10-07` - `2024-01-05`	3 months	crt.sh
*.rayskyinvest.com R3	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.wixstatic.com Sectigo RSA Domain Validation Secure Server CA	`2023-08-03` - `2024-01-30`	6 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-11-24` - `2024-02-22`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.trvdp.com Amazon RSA 2048 M01	`2023-07-26` - `2024-08-23`	a year	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-07` - `2024-05-07`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.truvidplayer.com Amazon RSA 2048 M02	`2023-01-22` - `2024-02-20`	a year	crt.sh
*.lndata.com GeoTrust RSA CA 2018	`2022-11-23` - `2023-12-24`	a year	crt.sh
*.t.ssp.hinet.net	`2023-04-06` - `2024-04-06`	a year	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2023-09-27` - `2024-10-27`	a year	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2023-09-29` - `2024-09-28`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-04` - `2024-05-03`	a year	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2023-07-19` - `2024-08-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.ads.stickyadstv.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-05-19`	a year	crt.sh

This page contains 34 frames:

Primary Page: https://reurl.cc/gaOWLp
Frame ID: F7EE52560653F04274A373229D5894EB
Requests: 73 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Frame ID: 91E58D02717E38B970EF8D2CF49EC15A
Requests: 40 HTTP requests in this frame

Frame: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 164130A2C1504A85FFCF783726A9495B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuccsjtvaR0eNXQ_krq3LZ5Kc5U-mOlWVLdMKd4D1b2wxGRTcfHMIQpNx2uaYuu9pQ8noxejALKZKKPy9gWUYLVop3z2u6nWKeeWRPeJJiCmEQgBVP6BVrlP70r3wBy9YVGczHZcgxLynkjvfGQpLJ47kT6eNS2dBJ7YY64OXl_eT-ZRjBSuZJvAHKr1Mj1J5pmhcp7Vf_od7cOvAU-9HVKOJUGcIaFMcfHBq3TjVWNLFXhoBu1Dgj6hyDdXUBWK0bOFfKWoq1LpIR_BaQpBI-_O3NFZ-YUrm7csghZV9YZYzVmy09uOBrHou9logjwI_vbwFgKsjG9QzB1ScMKOUVVhjv3F-DL0OKyYYjyncoHuTUMPjhziP6Eoz4&sai=AMfl-YRNTkR0V952wrx2URgrYIpTlc2FL1LlRmhNU6UD5p7gvQfE_OigNeBP-XjHjgkAYNPDlUwMtKYnIoUD38aB-_9975EsgKOogay26B5aE8SRJjAbz_Z59b9_Hr4EaCp9kreCnvGn-9Y9Y8-Ms65sL1Q3grNV-cdQtbq1PTw&sig=Cg0ArKJSzGZtFsbwq53iEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 21CF6F0D7044F2E1573B15E1B586BD8D
Requests: 6 HTTP requests in this frame

Frame: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 333C5D6F71D315F61D302793D88B47FC
Requests: 15 HTTP requests in this frame

Frame: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7C1CAFFC9E6A1EF1FA410D3D4DD0D13A
Requests: 27 HTTP requests in this frame

Frame: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 66E3B7A9EE9664F0B5777159B6206C43
Requests: 28 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurUiJqPQRqRkHitvFmVYyqOpgcDMLfNrK1mpQtUk3elyGAiF86zPjX1ncBt2reAhyiFCcjy0uyML5T7XpVw0RV4FWPhdCkJNZE4nInvzCGHzQXzxiI6bpATisuI7bNkhZw26wW8e3W-kBkIMQhOdaTk6bsFyckBjU5tpbCi7WdJYWfsspCsg1hMxR9xfhZ7LOHFUI9G6XslEs2pkEZnb_mKl5jGmMYhKPvQIqgEnVgROLR8rK7NfVVxQk4NMtd_6Fz_Jeq9nPPgVHCE34A3rg_Ev4h6IRJksF9KL96ilhQVPErTy8LByUoZOo6o71i59ieL9X5YMGJcCnGj2subZbFT7EDZfXDPQ0cAOvrcZpn--8gRYjCsfOGuwGJ-UA6&sai=AMfl-YRDLAFB97jdFUPmmVvRUrmJjtW09QX4Zz-YLeLpPS8QSGUEdV3d6_PbAOx9Y-_aYaYZQY8z8a7CzIE9Uvis3zC5unnLKIPJbKzoeFXct0fTn87a-Bgq2s4VlR-gOMbZAwv7t3ufhFTzQV1dH1VbVvaxC8cb_6L9oxwEeQ&sig=Cg0ArKJSzGjfJVOvNxGeEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 79CCC1B39D75FDA49E11E55920986D99
Requests: 6 HTTP requests in this frame

Frame: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1330BBD842E1764A8AE0780C0E3AC39E
Requests: 15 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
Frame ID: EA4F0A29BDB887CC26300C9339076767
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYhKDS6QEwAQ&v=APEucNWXIHus7k-xUNT7DBB4Vdpeb0gGJ8ngWKI5WUpl7I-6gTlTZlv66FhaYnnJ8nZXgBEcn_26oFQfTBViZM0-MIsULapEqg
Frame ID: 9631B32D298A9F04534D9FC44679D824
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYhKDS6QEwAQ&v=APEucNXYq1z5bAcKnWEamMkPZBVKL2kYkhWEOhZkUcfTUfxizWe8U8x0fc4BFbf4YsBxPxasdGOV7v57cmXeEezNTxOzPgLkfw
Frame ID: 95C5A45EF53B9A85CBE32F4E10927B33
Requests: 4 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: CD68E9C92D96B0284BDF2A2805E8F65A
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: E15CB913FD90487EE08A09D996A3903D
Requests: 11 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20231115
Frame ID: 2582310EDC73ACE10DC513ACC0BF0BD3
Requests: 26 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: BAC696F92945151E912F91E02FC078C9
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: 24606898F976A3CECC099D0EE3B7F9DD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 279F3E204B7E6A7D177B341C6FA63B6B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 0D1A63693AF2BAA4F31E873D99311DAB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 77AAF3BEEB8C0FF10C46085887743B51
Requests: 3 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/image/22990/c6fefdd77d017860676055a778536143.jpg
Frame ID: B2E3C88DB387FCF2AFFD340C7F4F9856
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: A3717C28ED8A3675D51A8DE8AFFF64B8
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9073c6e16fd%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff15261ffc304fb%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1345243609461164&locale=en_US&sdk=joey&show_text=false&width=280
Frame ID: 520E3C6CE87392E26DF33E7211EAFC61
Requests: 69 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements5084.js
Frame ID: E78373FCDB8A3CEB6778ACEA415F6666
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements5084.js
Frame ID: E8CF4AD652DFF7F0383B7D6BBD206700
Requests: 3 HTTP requests in this frame

Frame: https://stg.truvidplayer.com/v5.832/prtct.php?val=c&geo=JP&timestamp=1702012105&level=1
Frame ID: C0287B6A6E306174E43266A3A7AE01C5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements5084.js
Frame ID: 241269DA53D32FBCAA95DD9D1DD5C28A
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements5084.js
Frame ID: CA2A69B9AAB77630BAFC396C8A5406E3
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Frame ID: 1A3E43A8CCFD8433AD6E774FA8917CF6
Requests: 20 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Frame ID: 4B637958809019F110FDB0579900816C
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2C8CBE2B3D32E2187CB02131DD61B495
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
Frame ID: 74AE4F290EE61F4A4E53B542A6140B00
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 05AA57A10F039A03D0A6EE01CFAD3AAA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D7545509ED9D226BAE787A03A34C7903
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

縮短網址產生器 - reurl

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

407
Requests

90 %
HTTPS

0 %
IPv6

61
Domains

107
Subdomains

88
IPs

6
Countries

8572 kB
Transfer

22605 kB
Size

83
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://re-news.tw/
Title: 離開此頁

Search URL Search Domain Scan URL

URL: https://re-news.tw/renews/155

Search URL Search Domain Scan URL

URL: https://re-news.tw/prnasia/4287792_XG87792_2

Search URL Search Domain Scan URL

URL: https://re-news.tw/racingcharger/45287

Search URL Search Domain Scan URL

URL: https://re-news.tw/gbyhn/53225

Search URL Search Domain Scan URL

URL: https://re-news.tw/creditcard/2464

Search URL Search Domain Scan URL

URL: https://re-news.tw/rayskyinvest/111057

Search URL Search Domain Scan URL

URL: https://re-news.tw/zocha/6529021929c8b98fa9eb5390

Search URL Search Domain Scan URL

URL: https://re-news.tw/golike/21512

Search URL Search Domain Scan URL

URL: https://re-news.tw/alphaloan/20451

Search URL Search Domain Scan URL

URL: https://youtils.cc/emoji
Title: 表情符號(emoji)

Search URL Search Domain Scan URL

URL: https://youtils.cc/geoip
Title: IP查詢

Search URL Search Domain Scan URL

URL: https://youtils.cc/big5gb
Title: 繁簡轉換

Search URL Search Domain Scan URL

URL: https://youtils.cc/qrcode
Title: QRCode

Search URL Search Domain Scan URL

URL: https://youtils.cc/length
Title: 身高/長度換算

Search URL Search Domain Scan URL

URL: https://www.comptw.com/
Title: 台灣公司查詢網

Search URL Search Domain Scan URL

URL: https://stockinfo.tw/
Title: 台股資訊網

Search URL Search Domain Scan URL

URL: https://youtils.cc/wordcounter/zh-Hants
Title: 字數統計

Search URL Search Domain Scan URL

URL: https://youtils.cc/dateCalculator
Title: 日期計算機

Search URL Search Domain Scan URL

URL: https://youtils.cc/lunarCalendar
Title: 農曆轉國曆

Search URL Search Domain Scan URL

URL: https://youtils.cc/utm
Title: UTM網址

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1

Request Chain 121

https://match.adsrvr.org/track/cmf/openx?oxid=89efb754-36b3-79b7-f0d7-dfea9ee8023f&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=89efb754-36b3-79b7-f0d7-dfea9ee8023f&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=881cf4a2-e987-4e73-995b-5bb680f9b34d&ttd_puid=89efb754-36b3-79b7-f0d7-dfea9ee8023f&gdpr=0&gdpr_consent=

Request Chain 122

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXKkxsCo8XYAALgmnUMAAAAA

Request Chain 123

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQS_G93HEHSRks8AEDmpjzFXRc8AAAGMR9OpPw

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMs_nVKSHSpaLmaDW6GdZXQ&google_cver=1

Request Chain 142

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 143

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined HTTP 302
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEMFReFyeNizC6okyvC2p-vI&google_cver=1

Request Chain 159

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECewM5lBNG2zWO1RjwGJS9w&google_cver=1

Request Chain 161

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXKkx0RjrsuowgY05gSNxQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECewM5lBNG2zWO1RjwGJS9w&google_cver=1

Request Chain 162

https://s-cs.send.microad.jp/cs?key=google_1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECewM5lBNG2zWO1RjwGJS9w&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECewM5lBNG2zWO1RjwGJS9w&google_cver=1&C=1

Request Chain 164

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXKkxzYYzqA.82UItms5MgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECewM5lBNG2zWO1RjwGJS9w&google_cver=1&google_hm=2

Request Chain 174

https://securepubads.g.doubleclick.net/pagead/adview?ai=CcmHvxaRyZeHGN_XN7OsPiOGniAPd6vfUdLLsk47HEWQQASDSzIEaYInLwoTwE6ABzpeg8ynIAQmpAnpnOnF-yj0-4AIAqAMByAPLBKoEtAJP0LwPITLLdZ5BAnBFnlvMM4HQeJvrqJvmaPhgQBWFu2YAKF0hlifhnQE-49zQ0MSmBigHyJZgxFfNaqJVPjlyCQ2pUPcL97G9LOLkEhIickIxkiaKK8uXy7XgC4T_6MAqrBvwBnSFYIlkSFNfdt651PFspRf2uj-U447LVrC40qpLYwb88B8caaAyrEyA7J6I_Iop2ftBynyegQtwW0AbbXDnfTS3emf3TuUDhvvXPx1Rjpw6xvJjtd-UuZZedt8tN9Ug49onCNsnTWVfK-GUDbbLqlrcOdNtMtBs0Qsuecr4DpDFNs2_WwExYEKu3wt-GBQkcsVa5JsNp5yZ3wZ0sKATOCNlL-NHgBNcrkacEndb9SscT45hKzIUD1MIZ-eVjIshkSNsMMMorWs5_Rm56IvILMAEvfeP8LkE4AQBiAWDgvGETZIFBAgEGAGSBQQIBRgEoAYugAeXlKzSBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELmkCtIIHQiAYRABGB0yAooCOgKAQEi9_cE6WJC_8ZWJ_4IDmglaaHR0cHM6Ly93d3cub3duZGF5cy5jb20vanAvamEvd2VsY29tZT91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPXBtYXgmdXRtX2NhbXBhaWduPUNoaWJhgAoDyAsBmAyP1or3wgSiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQLaDBEKCxCwkvuFjPPIkJ8BEgIBA-INEwjDhfKVif-CAxX1JnsHHYjwCTG4E4ME2BMO0BUBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=CZT4yyIJ5e8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaN0d2aQy5qOI-e1yMganI-l9Ec2Fzgf5ix-hYvRgZ6tAKxXPADNPWbmujLRedgAuoA7QRKT1WaLLdxqcn0Rrl3_1TiKVHD6c2nCxgB&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f9ed04407bb7890000000000000000%22,%222%22:%220xa49d184aecb3f81f0000000000000000%22,%223%22:%220xbb534206ab6b43450000000000000000%22,%224%22:%220x3bbc3e779d1178e50000000000000000%22,%225%22:%220xe86d43ee1b09863f0000000000000000%22},%22debug_key%22:%2217934328409405101120%22,%22debug_reporting%22:true,%22destination%22:%22https://owndays.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211247553486%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214654918752038539921%22}&andc=true

Request Chain 178

https://securepubads.g.doubleclick.net/pagead/adview?ai=CVzE7xaRyZd3GN_XN7OsPiOGniAPd6vfUdLLsk47HEWQQASDSzIEaYInLwoTwE6ABzpeg8ynIAQmpAnpnOnF-yj0-4AIAqAMByAPLBKoErwJP0P1vsCOT3GAhqx7zyLRvqCWpokPAoSiBG_-NiUFq1sk9-OLPQBU8VWBmWF4jS16vLLhvnbCI5pKphRiBYHYOPUiduuiIrFJmvJCfdzN1y81zSm68Lj9TtFj2sWPBfP8-tQf-SQowOmSgE3K4eeNZbLWUe5O8eqc0SpsP4viTA89z9dgNq26HwSsF9qwdXjQ-rrHM117ZH-op7V5ka78DL-ldMyfggfTuMh6hPR4EXJNFMpU3RD2_LJ5gdUA3qzBKJie7Y1SFJ3A7wYTU-YkMROfjW1KsR6c8D-wkZYZTZXo5NzMMqvJpZ-GKjhfJqTsPvr4IUO3HZbJ2u-2DVYhZIr055taNm4Y72bNIvRamonL8rbU12O-d2rCUXtFufWo1U3gWz5qUTm8bs7hidfPABL33j_C5BOAEAYgFg4LxhE2SBQQIBBgBkgUECAUYBKAGLoAHl5Ss0gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDdoQbSCB0IgGEQARgdMgKKAjoCgEBIvf3BOliQv_GVif-CA5oJWmh0dHBzOi8vd3d3Lm93bmRheXMuY29tL2pwL2phL3dlbGNvbWU_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1wbWF4JnV0bV9jYW1wYWlnbj1DaGliYYAKA8gLAZgMj9aK98IEogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7EC2gwQCgoQ8POT6OG5osx9EgIBA-INEwi_hfKVif-CAxX1JnsHHYjwCTG4E4ME2BMO0BUBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=D-XReZEnxns&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaN0d2aQy5qOI-e1yMganI-l9Ec2Fzgf5ix-hYvRgZ6tAKxXPADNPWbmujLRedgAuoA7QRKT1WaLLdxqcn0Rrl3_1TiKVHD6c2nCxgB&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f9ed04407bb7890000000000000000%22,%222%22:%220xa49d184aecb3f81f0000000000000000%22,%223%22:%220xbb534206ab6b43450000000000000000%22,%224%22:%220x3bbc3e779d1178e50000000000000000%22,%225%22:%220xe86d43ee1b09863f0000000000000000%22},%22debug_key%22:%2211575194169130789007%22,%22debug_reporting%22:true,%22destination%22:%22https://owndays.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211247553486%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214456626553910491073%22}&andc=true

Request Chain 181

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=ifMVrsmeDKiAk4aQx6RyZQ

Request Chain 186

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=APd_7tM1Bwmjt1uBx6RyZQ

Request Chain 288

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

Request Chain 290

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
https://s.amazon-adsystem.com/ecm3?id=da92ae8ff658b34bda3f11181f6d4&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Request Chain 322

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=truvid&khaos=LPW62AIL-T-C3RZ HTTP 302
https://stg.truvidplayer.com/usersync.php?provider_id=rubicon&user_id=LPW62AIL-T-C3RZ

Request Chain 323

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBXNjJBSUwtVC1DM1Ja HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL9Pogu2TPhfLTwcO334Al4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBXNjJBSUwtVC1DM1Ja&google_push=

Request Chain 324

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LPW62AIL-T-C3RZ&ex=d-rubiconproject.com&status=ok

Request Chain 325

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTZlOTUyZDFiYzMxYmQ1MTVkNDdmODc5ODFjMjE0YzA2ZjhmNjJlNw

Request Chain 326

https://match.adsrvr.org/track/cmf/rubicon HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=881cf4a2-e987-4e73-995b-5bb680f9b34d&gdpr=0&gdpr_consent=&expires=30

Request Chain 327

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=tjuLTbF_ScuNsOWzHR-gQQ&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=tjuLTbF_ScuNsOWzHR-gQQ

Request Chain 328

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEsNOYB6lMMz15tU9utnVF4&google_cver=1

Request Chain 329

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Ivk185hqTRmqRqn9kV68cw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Ivk185hqTRmqRqn9kV68cw

Request Chain 330

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/Pp2KNSupvAwReZQnHWdNgQ?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-EoNzGYdE2oKTQsFrKXPJIh9i47gYtMYScdbYeg--~A

Request Chain 331

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPW62AIL-T-C3RZ

Request Chain 332

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAD48E7K5UoAADtJEYbW3w&expires=30

Request Chain 333

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn HTTP 302
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPW62AIL-T-C3RZ

Request Chain 334

https://pixel.rubiconproject.com/exchange/sync.php?p=18694 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPW62AIL-T-C3RZ

Request Chain 335

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LPW62AIL-T-C3RZ HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=LPW62AIL-T-C3RZ&dnr=1

Request Chain 336

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx HTTP 302
https://prebid.a-mo.net/setuid/magnite?uid=LPW62AIL-T-C3RZ

Request Chain 337

https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPW62AIL-T-C3RZ HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LPW62AIL-T-C3RZ

Request Chain 338

https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPW62AIL-T-C3RZ HTTP 301
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPW62AIL-T-C3RZ HTTP 302
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPW62AIL-T-C3RZ&ckls=true&ci=JrifHAEmkJ&nc=false&trid=1148802592

Request Chain 352

https://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;ord=1%7Chttps://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;ord=1 HTTP 302
https://ad.doubleclick.net/activity;dc_pre=CMiLzZiJ_4IDFZptDwIdfmMEQw;src=1295336;type=cs;cat=Viewa0;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;ord=1%7Chttps://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/dc_pre=CMiLzZiJ_4IDFZptDwIdfmMEQw;src=1295336;type=cs;cat=Viewa0;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;ord=1%7Chttps://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;ord=1

Request Chain 353

https://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1%7Chttps://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://ad.doubleclick.net/ddm/activity/src=1295336;dc_pre=CIKOzZiJ_4IDFeFbDwIduuAGbg;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1%7Chttps://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1 HTTP 302
https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CIKOzZiJ_4IDFeFbDwIduuAGbg;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1%7Chttps://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

407 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request gaOWLp Show response
reurl.cc/ 10 KB
3 KB 238ms
113ms Document
text/html 35.185.130.121
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.185.130.121 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 121.130.185.35.bc.googleusercontent.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e07e12baca73f34b8e8b9a4194311ed254370260a79f7abc2a279802cc7a9fbf

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 08 Dec 2023 05:08:19 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx/1.18.0 (Ubuntu)
target: https://cla2.cn/SpY
vary: Accept-Encoding Origin
x-request-id: de3f8454-2f4b-4ee5-99c3-389b89a7468b

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/ 152 KB
25 KB 370ms
26ms Stylesheet
text/css 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Dec 2023 05:08:20 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3798467
x-jsd-version: 4.3.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25648
x-served-by: cache-fra-eddf8230028-FRA, cache-tyo11946-TYO
x-jsd-version-type: version
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 style.css
storage.reurl.cc/stylesheets/rwd/ 2 KB
1017 B 109ms
61ms Stylesheet
text/css 34.149.98.30
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/stylesheets/rwd/style.css?v=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 04:08:03 GMT
content-encoding: gzip
via: 1.1 google
age: 3617
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 904
x-request-id: 35968adb-e339-45b1-a1b7-1686ab6572fa
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 ats.js Show response
anymind360.com/js/9479/ 177 KB
42 KB 59ms
15ms Script
application/javascript 151.101.1.55
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://anymind360.com/js/9479/ats.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.55 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

226d20c2725e876a96edabbbad4ca3709478995aac12ff27b7efff45d73d96c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

expires: Thu, 07 Dec 2023 14:06:43 GMT
date: Fri, 08 Dec 2023 05:08:20 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=31557600
age: 54096
x-guploader-uploadid: ABPtcPpQsXg9lzBT5aOpD9grjhC9iLm1TjYzCzHH0J6yIKiAdthURi_Ywm4EYN5AKr8iJmMJsYiCRVITHA
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 42279
x-served-by: cache-tyo11983-TYO
last-modified: Mon, 20 Nov 2023 09:15:25 GMT
server: UploadServer
x-timer: S1702012100.070726,VS0,VE0
etag: "dc1bad45759bbb89536459f2c34eaa21"
vary: Accept-Encoding
x-goog-generation: 1700471725490318
x-goog-hash: crc32c=3IRkSQ==, md5=3ButRXWbu4lTZFnyw06qIQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=1200
x-goog-stored-content-length: 42279
content-type: application/javascript; charset=UTF-8
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 pixel.js Show response
storage.reurl.cc/javascripts/ 429 B
417 B 17ms
17ms Script
text/javascript 34.149.98.30
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/pixel.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:16:18 GMT
content-encoding: gzip
via: 1.1 google
age: 10322
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 322
x-request-id: 95f1e18b-b339-4b8f-a8e3-f202892c5b4e
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 ga2.js Show response
storage.reurl.cc/javascripts/ 536 B
631 B 19ms
18ms Script
text/javascript 34.149.98.30
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/ga2.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 22:31:25 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 23815
vary: Origin
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 536
x-request-id: 8c529eb5-6ce9-4a81-9449-4cca766aa833

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
92 KB 459ms
82ms Script
application/javascript 142.251.42.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

9b349818f2c70024b4b27357ce346de1c26da2a733081f91b33dcb663a080241

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93955
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 08 Dec 2023 05:08:20 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 523ms
148ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

2b1ade15333112c09efe0c0c66d61e5b222cdbd467505cf5b4ad35ef3dd0e398

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29422
x-xss-protection: 0
server: cafe
etag: 282 / 19699 / 31079992 / config-hash: 18357547353528918854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 05:08:20 GMT

GET
H2 200 vue.min.js Show response
cdn.jsdelivr.net/npm/vue@2.5.16/dist/ 84 KB
33 KB 369ms
26ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/vue@2.5.16/dist/vue.min.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 08 Dec 2023 05:08:20 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3805494
x-jsd-version: 2.5.16
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 33184
x-served-by: cache-fra-eddf8230020-FRA, cache-tyo11946-TYO
x-jsd-version-type: version
etag: W/"151b4-KLsckeN7U/TrtIzkgtzLJAAD4Hg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 renews.js Show response
storage.reurl.cc/javascripts/ 412 B
636 B 69ms
22ms Script
text/javascript 34.149.98.30
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/renews.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 22:22:14 GMT
content-encoding: gzip
via: 1.1 google
age: 24366
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 286
x-request-id: e5dda03f-ebba-4c59-b813-b9cc417ea5fe
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes

GET
H2 200 loading.js Show response
storage.reurl.cc/javascripts/ 134 B
235 B 108ms
60ms Script
text/javascript 34.149.98.30
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.reurl.cc/javascripts/loading.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.98.30 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 30.98.149.34.bc.googleusercontent.com
Software: /
Resource Hash: ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 00:13:54 GMT
via: 1.1 google
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 29 Sep 2022 09:52:31 GMT
age: 17666
vary: Origin
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *, Authorization, X-Authorization
cache-control: public,max-age=28800
access-control-allow-credentials: true
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134
x-request-id: 23c194ae-913c-4d5a-8e47-230083668c02

GET
H2 200 page.php Show response
www.facebook.com/plugins/ Frame 91E5 94 KB
26 KB 600ms
265ms Document
text/html 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

fed911d44812ff0b3cef9c56b1913fe36fb108766407154fb5e7d0fdd257238f

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 05:08:20 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: LDLGzszCITD0r/b2rQeqTNkItpnYt0b99E0wP5o54KOegRjvfxp6INjulQ0opRPO4+UDI7Zn1AIAHbD03INPZQ==
x-xss-protection: 0

GET
H2 200 feeds Show response
storage.re-news.tw/ 7 KB
7 KB 102ms
65ms XHR
text/html 35.244.196.223
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.re-news.tw/feeds
Requested by: Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/renews.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.196.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 223.196.244.35.bc.googleusercontent.com
Software: / Express
Resource Hash: f95d603bd99d7ef21ed2ac8f9008ca9c4035dcc30b28e8909b2b884796788c3a

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:20 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"1b4c-JWthykhjbbtF7UF60oKuAL0VZtw"
vary: Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: https://reurl.cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6988

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 357ms
20ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/pixel.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 08 Dec 2023 05:08:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: OsSaP8grKP2003lfQCoCIdgn0xQ4n8ea46pNb+JXzC/nN6jOVP2bQmNeAWpwfHWEZuQP60Iis7z7aUDhAzADtQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 396ms
23ms Script
text/javascript 172.217.175.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: storage.reurl.cc
URL: https://storage.reurl.cc/javascripts/ga2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s21-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 08 Dec 2023 03:30:35 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5865
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 08 Dec 2023 05:30:35 GMT

GET
H2 200 mocpogo_01.jpg
asset.re-news.tw/images/ 427 KB
428 KB 127ms
84ms Image
image/jpeg 34.117.23.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asset.re-news.tw/images/mocpogo_01.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.23.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.23.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 675c68ec272e15adac541942a16ddfa45419f6f959147e4728a4e26c512520ad

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:20 GMT
via: 1.1 google
age: 0
x-guploader-uploadid: ABPtcPrjvI__hDEzqPzsaszMZJuRlcSwP7-GhJ5Oa3VgKkXGb1ZVAJDkWkqFNEPzABJSa8jrWvaJJs04EyTFPINGWsrWrx5WsljN
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 437364
last-modified: Wed, 18 Oct 2023 12:58:27 GMT
server: UploadServer
etag: "2336bdf757022c5d87b79cbbbcd1b477"
x-goog-generation: 1697633907721269
x-goog-hash: crc32c=dvOsJw==, md5=Iza991cCLF2Ht5y7vNG0dw==
content-type: image/jpeg
cache-control: public,max-age=3600
x-goog-stored-content-length: 437364
accept-ranges: bytes

GET
H2 200 Taiwan_Tech_Solution_Day_SWITCH_2023_Singapore.jpg
mma.prnasia.com/media2/2295543/ 85 KB
85 KB 615ms
123ms Image
image/jpeg 104.17.238.194
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mma.prnasia.com/media2/2295543/Taiwan_Tech_Solution_Day_SWITCH_2023_Singapore.jpg?p=medium600
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.238.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5b4e62f16093986a3e1887b92f30892c2a31cdfc5d3f82bf50c49324553db1c8

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:21 GMT
cf-cache-status: HIT
age: 3937
x-powered-by: ASP.NET
server-timing: intid;desc=e39b6c9606db5a05
content-length: 86618
cf-bgj: h2pri
last-modified: Fri, 08 Dec 2023 04:02:26 GMT
server: cloudflare
vary: *, Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 83227d6f89268a6f-NRT
access-control-allow-headers: Content-Type
expires: Fri, 08 Dec 2023 04:02:27 GMT

GET
H2 200 2023120802095359.jpg
img.racingcharger.tw/wp-content/uploads/ 307 KB
307 KB 196ms
84ms Image
image/jpeg 61.216.47.122
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.racingcharger.tw/wp-content/uploads/2023120802095359.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 61.216.47.122 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-216-47-122.hinet-ip.hinet.net
Software: Apache /
Resource Hash: 9c067c26f5bddfc2d3810a3ada3371fb1f5e2350d76342d4050ab3fc67335964

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:20 GMT
last-modified: Fri, 08 Dec 2023 02:09:57 GMT
server: Apache
accept-ranges: bytes
content-length: 314534
content-type: image/jpeg

GET
H2 200 1701954662-eabd29699de9e8b6d55f910edc0027f4.png
img.gbyhn.com.tw/2023/12/ 400 KB
401 KB 615ms
119ms Image
image/png 172.67.150.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gbyhn.com.tw/2023/12/1701954662-eabd29699de9e8b6d55f910edc0027f4.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.150.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ab05351d1257d38ef4ab7f85492cda992e1f171134f173a90b8eabef358c73f

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 57383
alt-svc: h3=":443"; ma=86400
content-length: 409782
last-modified: Thu, 07 Dec 2023 13:11:02 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5P8q5ZHOMWnqbbj3aRp4cO9KpFLz8EKoddUQGRzi8mjf2xfwnbt15Oiy9CH2tinb%2F31BhPkHsnjdzDLNgCMiJtcdWq7GBqtZ9yq6Qmk30tSUl0SYu2%2BEmwpVPIAIYxpyecQ1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 83227d6f99d3d601-NRT
expires: Thu, 14 Dec 2023 13:11:25 GMT

GET
H2 200 2023-EZTABLE-%E6%B6%88%E8%B2%BB%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1%E5%84%AA%E6%83%A0-1080x630.jpg
creditcards.com.tw/wp-content/uploads/2023/12/ 48 KB
48 KB 189ms
147ms Image
image/webp 192.0.78.24
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://creditcards.com.tw/wp-content/uploads/2023/12/2023-EZTABLE-%E6%B6%88%E8%B2%BB%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1%E5%84%AA%E6%83%A0-1080x630.jpg?crop=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.24 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5ace58115177bd9d342f148f9a2f6ba637b04e74fda103abe156a43f92c1a8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-ac: 3.nrt _atomic_bur BYPASS
content-length: 49130
x-nc: HIT bur 1
last-modified: Thu, 07 Dec 2023 09:48:13 GMT
server: nginx
etag: "9fb548c4d1209d88"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
expires: Sat, 06 Dec 2025 21:48:13 GMT

GET
H2 200 %E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8...
www.rayskyinvest.com/wp-content/uploads/ 612 KB
612 KB 96ms
23ms Image
image/png 34.120.190.48
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rayskyinvest.com/wp-content/uploads/%E5%A6%82%E4%BD%95%E8%B2%B7%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E7%9A%84%E7%AC%AC%E4%B8%80%E6%AD%A5%EF%BC%81%E4%BA%A4%E6%98%93%E6%89%80%E9%96%8B%E6%88%B6%E6%96%B0%E6%89%8B%E6%95%99%E5%AD%B8%EF%BC%8C%E7%94%A8%E4%BF%A1%E7%94%A8%E5%8D%A1%E8%B2%B7%E4%B8%8B%E4%BA%BA%E7%94%9F%E7%AC%AC%E4%B8%80%E9%A1%86%E6%AF%94%E7%89%B9%E5%B9%A3-3-1140x570.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 34.120.190.48 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 48.190.120.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Fri, 08 Dec 2023 05:08:20 GMT
expires: Fri, 06 Dec 2024 17:04:26 GMT
last-modified: Sat, 02 Dec 2023 07:13:09 GMT
server: nginx
etag: "656ad905-98e3b"
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 626235
x-cdn-c: all
x-sg-cdn: 1

GET
H2 200 file.png
static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/ 248 KB
248 KB 625ms
90ms Image
image/png 13.33.174.59
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.wixstatic.com/media/08c74d_85f3d2bc5e0247cd96e1875a34d00d40~mv2.png/v1/fit/w_1000,h_1000,al_c,q_80/file.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.174.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-174-59.nrt57.r.cloudfront.net
Software: openresty/1.21.4.1 /
Resource Hash: 0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-seen-by: image-manipulator-7c76496fbd-bz6ff
date: Fri, 13 Oct 2023 11:18:20 GMT
via: 1.1 google, 1.1 3af728591b2fe5d4978686b608203206.cloudfront.net (CloudFront)
server: openresty/1.21.4.1
x-amz-cf-pop: NRT57-C2
age: 4816201
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=15552000, immutable
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: xYYOoZP6zMPFV0JgQ8_DH9ppDHLsXysmnoWpzCsPtIVPm7MU4-JEdw==
content-length: 253615
wix-tracer: 2WhrxaKwv8p2lJNwgKmnBT7r70v

GET
H2 200 2023101023413094.jpg
i0.wp.com/golike.tw/wp-content/uploads/2023/10/ 107 KB
107 KB 79ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/golike.tw/wp-content/uploads/2023/10/2023101023413094.jpg?resize=1024%2C535&ssl=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i0.wp.com

Software

nginx /

Resource Hash

9c95792b14cad4642ea9bbcb71cd49f6d2d57bd3a53bc1bc8630e26bbd6fd5a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:20 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 109448
x-nc: HIT nrt 8
last-modified: Fri, 13 Oct 2023 09:02:46 GMT
server: nginx
etag: "ab5b506272fb167b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://golike.tw/wp-content/uploads/2023/10/2023101023413094.jpg>; rel="canonical"
expires: Sun, 12 Oct 2025 21:02:46 GMT

GET
H2 200 %E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg
blog.alphaloan.co/wp-content/uploads/2021/04/ 180 KB
181 KB 233ms
176ms Image
image/jpeg 192.0.78.187
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://blog.alphaloan.co/wp-content/uploads/2021/04/%E6%A8%82%E5%A4%A9%E8%B2%B8-%E4%BF%A1%E7%94%A8%E7%AE%A1%E7%90%86%E6%8C%87%E5%8D%97-1.jpg

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.187 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:20 GMT
strict-transport-security: max-age=31536000
x-ac: 3.nrt _atomic_bur BYPASS
last-modified: Thu, 27 Apr 2023 05:06:22 GMT
server: nginx
etag: "644a02ce-2d1f7"
access-control-allow-methods: GET, HEAD
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
accept-ranges: bytes
content-length: 184823
expires: Fri, 15 Dec 2023 05:08:20 GMT

GET
H2 200 1675200226052423 Show response
connect.facebook.net/signals/config/ 126 KB
33 KB 36ms
36ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1675200226052423?v=2.9.138&r=stable&domain=reurl.cc

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

096f85ac6d28eb274e8f6bcffc83c4d3baf2041bd4befd0adea68c566b20c57b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 08 Dec 2023 05:08:20 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 33827
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: j59pCrBfMDSi3EPgUMo7j5QFUbsScW0NXlLuw4dJrCrlKI0ede5UEf6Xq+RQFwc7gqOzkC0F5h1fjCffPUv4Ig==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
142 B 119ms
118ms XHR
text/plain 172.217.175.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=206560846&t=pageview&_s=1&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=429401602&gjid=740667252&cid=818198690.1702012101&tid=UA-102456694-1&_gid=461807772.1702012101&_r=1&_slc=1&z=1846274741

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s21-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 28ms
27ms Image
image/gif 172.217.175.110
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=206560846&t=event&_s=2&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&ul=en-us&de=UTF-8&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=pause&ea=3&el=MTE0LjE3Mi4yMzYuMTMx&ev=1&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=818198690.1702012101&tid=UA-102456694-1&_gid=461807772.1702012101&z=2038877508

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s21-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 00:18:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 17376
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 GSwcapvLrEq.css
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/ Frame 91E5 20 KB
6 KB 580ms
203ms Stylesheet
text/css 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

eb0110be59431fd3c8942faca7ee241aef70ddc66cc3316b645cc8ae6ca2b70a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QZ/F21WCMvVioyUwMJMxZA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5281
reporting-endpoints
x-fb-debug: UJQvuqHkFiDRd+6aajjknZPDzd8+jtxhyg+Khdw7oyNtd6GJJMptlSEPVBQ4/dx3X1xMkulkoBeyFlJCpOZbXA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 17:50:30 GMT

GET
H2 200 V-GL57iHfEB.css
static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/ Frame 91E5 33 KB
7 KB 581ms
204ms Stylesheet
text/css 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

e68718c41ef1c23f1640623633d26706d9cc4cf198c72be002c8594f9f9efcac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mEms5HNO4RW/YAm2lY0J/Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6478
reporting-endpoints
x-fb-debug: Zvqj4BwsAg7DH0vphEvAiof0tkgNT3ULIpUzYkEnFZbcY0h6gbInmBYitSBUGHjd6Bp62ZvXPKF1omUgMDNx5g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 23 Nov 2024 18:24:08 GMT

GET
H2 200 L9vxdWjqRLv.css
static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,ja_JP/ Frame 91E5 21 KB
5 KB 1194ms
818ms Stylesheet
text/css 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,ja_JP/L9vxdWjqRLv.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

94d523edd701a50db76faf479f4e32f007cbd97ade5339313f1e5a1ef5b35a85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: YxGy9ULmNYpse9KBe8qMZQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4833
reporting-endpoints
x-fb-debug: I66HsIkWfOkwt07ooyILB/GF/RU9PwOE/2DexBYG5YttEsjc5oQyZesfSpaeAkSXOr5KtuUamni0TN5WaozTjQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 29 Nov 2024 16:55:50 GMT

GET
H2 200 dlkLFa46YZW.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 91E5 354 KB
92 KB 1195ms
819ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

71f58649cf37e2f58cfaa2eaa1f9e292c721ab462b6bd022dc9e5feb9b8b2ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: NiMIzZDBjvLmd+NhP7cSGQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93678
reporting-endpoints
x-fb-debug: 5BefuGMEPUYtH2oF4nkETiXxlN7e00j1Jz0myC3Y0/1JfR4Fz4yq9qIeSHqaeRzgJrYWFatW3n+p+h4494AgRA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 06 Dec 2024 19:18:06 GMT

GET
H2 200 YJcyY7izLGB.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 91E5 94 KB
27 KB 1194ms
818ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/YJcyY7izLGB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qj5bFqqBeNQLu7uSNkxJ/A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27471
reporting-endpoints
x-fb-debug: 7pUWswxC/faPP6SIN2aiiUUQxamcHXWruFIDOdfiMWgW0/j0h6/LCupP9FtI6bfMa5FkmOrXN8xj48mgaXNtRw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:16:33 GMT

GET
H2 200 tbb6w30TkDN.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yz/r/ Frame 91E5 7 KB
2 KB 1195ms
820ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yz/r/tbb6w30TkDN.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HCL+u+2LMSrM7ELnarU2bQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2226
reporting-endpoints
x-fb-debug: 5ktdl38nnKDsn9IiNqlPm0x/hIIGePfp/hs1vcHneiFjH81tgrSqVPa/w2GHGbsT/H6Qts+4gMFfcyNsRe9n8g==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 06 Dec 2024 23:21:08 GMT

GET
H2 200 NzLu2EgdNec.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 91E5 52 KB
17 KB 1194ms
819ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/NzLu2EgdNec.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

011d8f4627d33f18e7d18df96452ab3a74b6379d52d726f2fef4ec3f21c0be98

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ZzTJ+p/dtUbDbk1794DOEw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 16835
reporting-endpoints
x-fb-debug: 73k2iytIhZGMSpPw+RP4mWSehKcYLfJmyf0q+wwPUqRwfaiPpR/dmqfoRORqjXuUhk3xE0SP/QN3e3NAoZyN0A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 17:36:36 GMT

GET
H2 200 p55HfXW__mM.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame 91E5 507 B
487 B 1195ms
820ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: L5E9gSgR735vyjAzTFly4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 293
reporting-endpoints
x-fb-debug: xfgMgiKBNsgcrx1lhN/KAu5TXMhdGyZN+axJ/V6pOqhxELvn5BK6ldlta88fpUHI22PCxZ55HcaQrQzpPfRI7w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 18:53:20 GMT

GET
H2 200 sGzZqRL36h3.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLxq4/yJ/l/ja_JP/ Frame 91E5 28 KB
8 KB 1194ms
819ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLxq4/yJ/l/ja_JP/sGzZqRL36h3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

7caa36a2429987bf28f857262051ba65268681630d763af8489caa70a3a37dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MbnHOjYedl0dIuyFMKfvEg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7901
reporting-endpoints
x-fb-debug: O2L4k+OCCASHv0QPe/5E3WTKUJSjrVZnq6oVJBkQhpJ1cckYph0AVg9zF0ji0oILTcdPOl71BhKdzjwn7bDuNA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 23 Nov 2024 18:23:55 GMT

GET
H2 200 KudK-WKp3ZH.js Show response
static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/ Frame 91E5 71 KB
20 KB 580ms
205ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

4372a9b8ce26d68f5c9a53975683bc05d3df25cf5a2e0177569f58258b6be160

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: phAMyoOpvbhoet00DvMWkg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20298
reporting-endpoints
x-fb-debug: V2nMxDNmmBVYt1ddnQGQMNaxsIehY2FpXDZoBdbSez1bMSAOcTxo6yEs5Wv3cuT6XKJ0lOXBe4a0mjapvjd4ww==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 30 Nov 2024 23:19:01 GMT

GET
H2 200 j5rc18aomdh.js Show response
static.xx.fbcdn.net/rsrc.php/v3i5dO4/ys/l/ja_JP/ Frame 91E5 347 KB
82 KB 578ms
204ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i5dO4/ys/l/ja_JP/j5rc18aomdh.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

3edb7d7cf4bd2e766e90db553560c32cff5e84208ecb968a441494cbbe087ec3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: FtDhY4mEJuOM47NZwCNvfA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 83212
reporting-endpoints
x-fb-debug: bDliQmW+3LiTd2da+IWabBy78yymaszjc0v0QoM86nc/XZ0TR7OrydtDM7wayDo2PLnLhuhbP8lQ1GAjYUq3HQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 03 Dec 2024 21:23:44 GMT

GET
H2 200 TioQWlTZ3BG.js Show response
static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/ Frame 91E5 397 KB
94 KB 1192ms
817ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iCNY4/yF/l/ja_JP/TioQWlTZ3BG.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

f2415a5fbb844b1c2fdf48ce0bb9dfa2694a153695ca753dc5f84170b334041b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: aC8cw5hP/LLy3Ed3OJp1xQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 95634
reporting-endpoints
x-fb-debug: oLbxlQI3oDtVbvrJsptWyFdLFCxfF0/G087Hi5bym6g7yu9m4yZ03IV9hzDs3Ajl0FEGTOZTB2uYF/F0RSoXfg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:24:12 GMT

GET
H2 200 qb2Dj7XLRaI.js Show response
static.xx.fbcdn.net/rsrc.php/v3iB1C4/yR/l/ja_JP/ Frame 91E5 57 KB
18 KB 580ms
206ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iB1C4/yR/l/ja_JP/qb2Dj7XLRaI.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

2af9dcd5f220b6aaa7fb46c21e3a9833abce8a1d7953c0591013081dd73c6e57

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4Adm+FXxkwDjHgLJ9sF/4A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 17829
reporting-endpoints
x-fb-debug: nyW4pDFbyjuixRtKkdd8/1tMamMQWBHb9rOxRUCaNeTPs5odfRh8GKReCYsHmyuNL7tiIBRj3caQCxT6iu7rEQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 01 Dec 2024 16:14:55 GMT

GET
H2 200 Yf-9xO1t3is.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yE/r/ Frame 91E5 209 KB
60 KB 1191ms
817ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yE/r/Yf-9xO1t3is.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

d891551f129f5784e720c7807cbd10b8b5aa4a8d9440880c32b521e3b89ca346

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2KILPdRBUZJyjxkGI/5ONA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 60957
reporting-endpoints
x-fb-debug: e8O/Yu5TfKTgSsKJGopD+9epMVhsJFYHpxCa9YvgrSq0tWTPK71n3GGDhGmHxaI7POfTY7aJzUXzfy3BsaISVA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 30 Nov 2024 23:19:02 GMT

GET
H2 200 EjdAug5mQIB.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yf/r/ Frame 91E5 28 KB
7 KB 1192ms
818ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yf/r/EjdAug5mQIB.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

dce3a7d75903f3a00ff7b72c2b3f3e34c786c0867a1398caa5212977e721d1b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QpoZNtNrb1RRm+1fPhnrPA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7378
reporting-endpoints
x-fb-debug: ExJewB6tul3iBN/nnaHRWhsU+IjBqXK3MRAmKOgL969enHtQ1QhqCHgsa6uzb5aTikVgCb50ADKpiu4yJl/8LA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 23 Nov 2024 18:21:46 GMT

GET
H2 200 D5W9jnaQkor.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yA/r/ Frame 91E5 56 KB
15 KB 578ms
205ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yA/r/D5W9jnaQkor.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

7c363a0df8fcfb5937f3ea0fd2d1e6bd6d1a5f7e577184fbd8843a4baa2f7d7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:21 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6cWcZmvYc5zwxj1LzL9JSQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15199
reporting-endpoints
x-fb-debug: oLOz3PDvWq4NW6pdtg+XEp+LcV3P+lAb+YKJ31h/ZG5Tzc3Wnl6fhUvL0P8wNvJSLyiWoPYiew+FIOHL6UslqQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 06 Dec 2024 19:35:38 GMT

GET
H2 200 325141786_6140032619364934_7377705774471631398_n.jpg
scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-6/ Frame 91E5 16 KB
17 KB 938ms
266ms Image
image/jpeg 157.240.31.5
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-6/325141786_6140032619364934_7377705774471631398_n.jpg?stp=dst-jpg_s350x350&_nc_cat=104&ccb=1-7&_nc_sid=081abc&_nc_ohc=AFqS8Ov4x6EAX-mX-fv&_nc_ht=scontent-nrt1-2.xx&edm=ADwHzz8EAAAA&oh=00_AfCbINUD5eOm2rv2iLDSsHZ6FOyhSIA4MoN0eRlgYe9Sxw&oe=65778B45
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:21 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 13 Jan 2023 04:15:10 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=1433450679
thrift_fmhk: GBAVr21o7FKkUNKXKsW5IOgfFeq3uckLAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2910780274
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 16853

GET
H2 200 305964663_450890893727816_1742559653774706626_n.jpg
scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/ Frame 91E5 1 KB
1 KB 32ms
31ms Image
image/jpeg 157.240.31.5
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=4da83f&_nc_ohc=wnzSsJ60VVQAX-s8RTq&_nc_ht=scontent-nrt1-2.xx&edm=ADwHzz8EAAAA&oh=00_AfA-5epwpX3sIOXn_Fy2Y51iwT1WdquuhsMFUDiL2UNK8w&oe=65784515
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:22 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 08 Sep 2022 19:16:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2540016234
thrift_fmhk: GBBuInxWv/H3KKPev1vnnVEuFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 88386505
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1345

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
347 B 931ms
264ms XHR
text/plain 142.251.170.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-102456694-1&cid=818198690.1702012101&jid=429401602&gjid=740667252&_gid=461807772.1702012101&_u=IEBAAEAAAAAAACAAI~&z=794103861

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.170.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tc-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 08 Dec 2023 05:08:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
129 B 67ms
66ms Image
text/plain 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1675200226052423&ev=PageView&dl=https%3A%2F%2Freurl.cc&rl=&if=false&ts=1702012101106&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4124&fbp=fb.1.1702012101104.355381421&cs_est=true&pm=1&hrl=7a1c4f&ler=empty&it=1702012100828&coo=false&cs_cc=1&rqm=GET

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 08 Dec 2023 05:08:21 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/ 431 KB
135 KB 33ms
32ms Script
text/javascript 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 11:36:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63129
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138171
x-xss-protection: 0
server: cafe
etag: 7807444821274263820
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 06 Dec 2024 11:36:12 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
249 B 686ms
170ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702012100404&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=818198690.1702012101&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702012101&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1760
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 551ms
315ms Ping
text/plain 142.251.170.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-N394QBRGC0&cid=818198690.1702012101&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.170.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: tc-in-f155.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
107 B 685ms
176ms Image
image/gif 142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-N394QBRGC0&cid=818198690.1702012101&gtm=45je3bt0v897965293&aip=1&dma=0&gcd=11l1l1l1l1&z=1832485578

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 686ms
251ms Script
text/javascript 182.161.74.1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:22 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-aa2f"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Dec 2023 05:08:22 GMT

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 11 KB
5 KB 245ms
119ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:21 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 30 Oct 2023 20:31:13 GMT
server: cloudflare
age: 25179
etag: W/"65401291-2b7d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 83227d754f996861-NRT
expires: Mon, 11 Dec 2023 05:08:21 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 307ms
189ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:29:45 GMT
content-encoding: gzip
age: 290316
x-guploader-uploadid: ABPtcPov-txRzSmQTRO-Tz408XDiITKVvPNRo9Mu4E3aZKZgOTVSS2nrvbBIooMmUkM8ZWHdCPvkPanRjsnrlPSgAeT94w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Tue, 03 Dec 2024 20:29:45 GMT

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 431ms
302ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:22 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: f1621d02f90477c4360065cd6395ebed
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 316ms
118ms Script
text/javascript 18.65.185.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.185.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-185-102.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:48:55 GMT
content-encoding: gzip
via: 1.1 49b964f897a5e1c9f9d0e182630ef7ca.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P2
age: 37421
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: B4QEvZLun2KBd_we9S-qMAMs2znfUT-CTXT_BnmJTXf43lUrQd5g3Q==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 427 KB
98 KB 582ms
580ms Fetch
text/plain 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2279783616362417&correlator=540580590256986&eid=31079992%2C21065724&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=128002626%2CGPT_%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8reurl%2C13847%2C13848%2C13856%2C14210%2C14209&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6&prev_iu_szs=728x90%7C970x90%2C300x250%2C300x250%2C300x250%2C1x1%7C320x50%7C300x100%7C320x100&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702012101820&lmt=1702012101&adxs=245%2C1005%2C245%2C625%2C245&adys=505%2C108%2C108%2C108%2C358&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=1140x90%7C380x250%7C380x250%7C380x250%7C1140x50&msz=1110x90%7C350x250%7C350x250%7C350x250%7C1110x50&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&ga_vid=818198690.1702012101&ga_sid=1702012102&ga_hid=206560846&ga_fc=true&dlt=1702012100015&idt=1768&cust_params=url%3D%252FgaOWLp%26ref%3Dnull&adks=81851380%2C1451399479%2C827794272%2C3242553145%2C3271617715&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

1eb91904f5d6045446e6d48cf2bcf58c479cb4563d98bf3e6b52646d405c69b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100362
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,6297900949,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,138432357881,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
13 KB 443ms
442ms Fetch
text/plain 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2279783616362417&correlator=540580590256986&eid=31079992%2C21065724&output=ldjh&gdfp_req=1&vrg=202312050101&ptt=17&impl=fifs&iu_parts=21787810958%2CTW_reurl.cc_res_all_truvid_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C1x1&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1702012101832&lmt=1702012101&adxs=1353&adys=1197&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Freurl.cc%2FgaOWLp&vis=1&psz=195x-1&msz=195x-1&fws=512&ohw=0&ga_vid=818198690.1702012101&ga_sid=1702012102&ga_hid=206560846&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYucnOvsQxSABSAghkEhsKDDMzYWNyb3NzLmNvbRi5yc6-xDFIAFICCGQSHQoOZXNwLmNyaXRlby5jb20YuMnOvsQxSABSAghkEhcKCHJ0YmhvdXNlGLnJzr7EMUgAUgIIZBIUCgVvcGVueBi5yc6-xDFIAFICCGQ.&dlt=1702012100015&idt=1768&cust_params=url%3D%252FgaOWLp%26ref%3Dnull&adks=3261691140&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

43a126083af1bd2689884402323590b7859a00ea93e57fccbf87332f04333553

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:22 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12593
x-xss-protection: 0
google-lineitem-id: 6263003938
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138428653768
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1641 6 KB
3 KB 666ms
167ms Document
text/html 142.250.207.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s11-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 05:08:22 GMT
expires: Sat, 07 Dec 2024 05:08:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 558ms
103ms Image
image/gif 142.250.199.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=818198690.1702012101&jid=429401602&_u=IEBAAEAAAAAAACAAI~&z=1825087455

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.199.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
408 B 127ms
119ms Image
image/gif 142.251.42.163
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-102456694-1&cid=818198690.1702012101&jid=429401602&_u=IEBAAEAAAAAAACAAI~&z=1825087455

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s46-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1

85 B
195 B

142ms
142ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: f72f5b810352a7770cea165cb5e3fd4f7186d103fe25d56c477ec02e8a67a107

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:22 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-kz++gtqgMGNIaK6aCufngZBkXLs"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 08 Dec 2023 05:08:22 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://reurl.cc
location: /esp?url=https%3A%2F%2Freurl.cc%2FgaOWLp&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
610 B 361ms
177ms XHR
application/json 13.215.134.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.215.134.10 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-215-134-10.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 5795b76d6ff43423837d4536b1f91e283d790892cc577255cdb5069da72de46d

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:22 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://reurl.cc
cache-control: no-cache
x-server: 10.42.11.225
access-control-allow-credentials: true
content-length: 156
expires: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 21CF 0
0 179ms
179ms Fetch
image/gif 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuccsjtvaR0eNXQ_krq3LZ5Kc5U-mOlWVLdMKd4D1b2wxGRTcfHMIQpNx2uaYuu9pQ8noxejALKZKKPy9gWUYLVop3z2u6nWKeeWRPeJJiCmEQgBVP6BVrlP70r3wBy9YVGczHZcgxLynkjvfGQpLJ47kT6eNS2dBJ7YY64OXl_eT-ZRjBSuZJvAHKr1Mj1J5pmhcp7Vf_od7cOvAU-9HVKOJUGcIaFMcfHBq3TjVWNLFXhoBu1Dgj6hyDdXUBWK0bOFfKWoq1LpIR_BaQpBI-_O3NFZ-YUrm7csghZV9YZYzVmy09uOBrHou9logjwI_vbwFgKsjG9QzB1ScMKOUVVhjv3F-DL0OKyYYjyncoHuTUMPjhziP6Eoz4&sai=AMfl-YRNTkR0V952wrx2URgrYIpTlc2FL1LlRmhNU6UD5p7gvQfE_OigNeBP-XjHjgkAYNPDlUwMtKYnIoUD38aB-_9975EsgKOogay26B5aE8SRJjAbz_Z59b9_Hr4EaCp9kreCnvGn-9Y9Y8-Ms65sL1Q3grNV-cdQtbq1PTw&sig=Cg0ArKJSzGZtFsbwq53iEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 08 Dec 2023 05:08:22 GMT

GET
H2 200 7942.js Show response
cnt.trvdp.com/js/1250/ Frame 21CF 535 B
899 B 222ms
114ms Script
application/javascript 18.172.52.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/1250/7942.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.52.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-52-87.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Tue, 10 Oct 2023 04:28:17 GMT
via: 1.1 625de2f1411217f73790fcae4370e2ac.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 15:54:16 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-P2
age: 5100006
etag: "f229c3a6991d60be41be6d40e220701e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 535
x-amz-cf-id: Mml9kojFxNIe-H9pMNQmNFRwdaJR-kqncHjJxpEOYlQQR_3-I_Kz8w==

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 21CF 202 KB
64 KB 451ms
66ms Script
text/javascript 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 05:08:22 GMT

GET
H2 200 container.html Show response
2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 333C 6 KB
3 KB 44ms
43ms Document
text/html 142.250.207.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s11-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 05:08:22 GMT
expires: Sat, 07 Dec 2024 05:08:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 UXtr_j2Fwe-.png
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame 91E5 573 B
834 B 315ms
15ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/UXtr_j2Fwe-.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:22 GMT
x-content-type-options: nosniff
content-md5: 07aG/2AEtDHVAZ5LUajMDQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 573
reporting-endpoints
x-fb-debug: ZD3QxG4H8eTNbhHaKOzszlH4EtHKvLShzewdJeBbNtZmfDVFH+Y9gPvS5cqCqRkE52XvbU/eG5BqgT6K7eJRzw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 21:03:22 GMT

GET
H2 200 / Show response
www.facebook.com/platform/plugin/tab/renderer/ Frame 91E5 89 KB
22 KB 471ms
471ms XHR
application/x-javascript 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22776730922422337%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F%22%2C%22width%22%3A340%2C%22height%22%3A500%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Freurl.cc%2FgaOWLp%22%7D&fb_dtsg_ag&__user=0&__a=1&__req=1&__hs=19699.BP%3Aplugin_default_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1010282616&__s=%3A%3A1tq56l&__hsi=7310086308425931047&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG78b87C1xwEwlU-0nS4o5-0ha2l2Utw78waOfwbK0RE5a1qw8W1uwa-7U1bo6i6811E2ZwrU6C0L836w5Kw&__csr=&__sp=1

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

53825c87b66d9382629be4243edacbadd423e957926f4e6096a2d64391aa90ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: rCU_KE96bHBvi7mKz-WleW
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 08 Dec 2023 05:08:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: uGCur0d354YSW+1OYNsUw8dt6T+QesMR6KbzEWmXX3cusYQzV6apVhxem+22qbAJu+8/gMvy2kbp2Hi952YylA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/platform/plugin/page/logging/ Frame 91E5 62 B
638 B 160ms
160ms XHR
application/x-javascript 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/platform/plugin/page/logging/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

68a9a625cd4435359405824316f4caaa0e68f8ec76bfdef2b4974a59510a37c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: rCU_KE96bHBvi7mKz-WleW
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 08 Dec 2023 05:08:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: jNiSMCggqwJrC5wIeFL1bCTl9rBfTHjmNkVtPFgskOKWaGH/RmxNn2iia/DWV1Vx1NcIANVdoVa8OPmF4sdH5Q==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 91E5 1 KB
843 B 160ms
160ms XHR
application/x-javascript 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=136500184423162&surface=pagePlugin&unit_type=VIEWER

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3irB34/ye/l/ja_JP/KudK-WKp3ZH.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

b457f55c3e857e39d1bfe1af96f5e6800547dc8ccfc93e042fdf79d4f963f508

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: rCU_KE96bHBvi7mKz-WleW
Referer: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 08 Dec 2023 05:08:22 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: GQ7lpM+frJNDQGuqbQ22DXopxDIbkgY1oHJ/y4K9EezcVhhvBg++uJwZGhYv568Italfg57GqJ447J87VuMd5w==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 7942.js Show response
go.trvdp.com/init/ 6 KB
6 KB 73ms
22ms Script
binary/octet-stream 18.65.185.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/7942.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1250/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.185.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-185-129.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 16:21:32 GMT
via: 1.1 e2c8002b641a97071a2eeced48924a54.cloudfront.net (CloudFront)
last-modified: Sat, 25 Mar 2023 08:02:02 GMT
server: AmazonS3
x-amz-cf-pop: NRT57-P2
age: 19313211
etag: "cec9f63f120ca9bc6868582a79e6b514"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: binary/octet-stream
accept-ranges: bytes
content-length: 5845
x-amz-cf-id: Y-PoxpAh5GgyqTD4qFQP6QQGeg_Er6-LxqwgKhblfBuMKnU-QMmvmw==

GET
H2 200 container.html Show response
2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7C1C 6 KB
3 KB 35ms
35ms Document
text/html 142.250.207.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s11-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 05:08:22 GMT
expires: Sat, 07 Dec 2024 05:08:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 66E3 6 KB
3 KB 29ms
28ms Document
text/html 142.250.207.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s11-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 05:08:22 GMT
expires: Sat, 07 Dec 2024 05:08:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 79CC 0
0 60ms
59ms Fetch
image/gif 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurUiJqPQRqRkHitvFmVYyqOpgcDMLfNrK1mpQtUk3elyGAiF86zPjX1ncBt2reAhyiFCcjy0uyML5T7XpVw0RV4FWPhdCkJNZE4nInvzCGHzQXzxiI6bpATisuI7bNkhZw26wW8e3W-kBkIMQhOdaTk6bsFyckBjU5tpbCi7WdJYWfsspCsg1hMxR9xfhZ7LOHFUI9G6XslEs2pkEZnb_mKl5jGmMYhKPvQIqgEnVgROLR8rK7NfVVxQk4NMtd_6Fz_Jeq9nPPgVHCE34A3rg_Ev4h6IRJksF9KL96ilhQVPErTy8LByUoZOo6o71i59ieL9X5YMGJcCnGj2subZbFT7EDZfXDPQ0cAOvrcZpn--8gRYjCsfOGuwGJ-UA6&sai=AMfl-YRDLAFB97jdFUPmmVvRUrmJjtW09QX4Zz-YLeLpPS8QSGUEdV3d6_PbAOx9Y-_aYaYZQY8z8a7CzIE9Uvis3zC5unnLKIPJbKzoeFXct0fTn87a-Bgq2s4VlR-gOMbZAwv7t3ufhFTzQV1dH1VbVvaxC8cb_6L9oxwEeQ&sig=Cg0ArKJSzGjfJVOvNxGeEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 79CC 9 KB
10 KB 356ms
17ms Script
application/javascript 143.204.126.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-128.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id: kqwLJ6.9f5_e_Sr69Yo8hHbOs4Gt6EPi
date: Fri, 08 Dec 2023 05:07:53 GMT
via: 1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
last-modified: Wed, 15 Nov 2023 00:04:29 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 40
x-amz-server-side-encryption: AES256
etag: "2b18447e41c64d14195cefd72eb57400"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 9645
x-amz-cf-id: 3VvvgrVynAexwBh2AFLRI66h4fdrTUS_QotvJJW9zEiz-zerC_uwGg==

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 79CC 202 KB
64 KB 195ms
150ms Script
text/javascript 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 05:08:22 GMT

GET
H2 200 container.html Show response
2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1330 6 KB
3 KB 25ms
24ms Document
text/html 142.250.207.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s11-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 05:08:22 GMT
expires: Sat, 07 Dec 2024 05:08:22 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame EA4F 15 KB
6 KB 435ms
74ms Document
text/html 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

35aea5afa69eee0a6a77678f980729d3893f8ff4b2872e749c4b7f6375503710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 05:08:22 GMT
server: Kestrel
server-processing-duration-in-ticks: 366276
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 b03rUpj3fKJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ Frame 91E5 12 KB
4 KB 18ms
16ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/b03rUpj3fKJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

b98745699334e83f49350bbf814a657f787ae1d515b8e41df4856ea89dd2f8a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: pG8ZphjXUfeB/6xAtn+7sQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3454
reporting-endpoints
x-fb-debug: DRdGtH5o58z6Xkn/N2MFJuS7rGjvEI0Xixz49NLzf9FuXBFtimHQo4N7Fnk9RjGe517xC7vX3A7fxbvNkQyjHw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:16:34 GMT

GET
H2 200 C8LrV2fV5JS.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 91E5 339 KB
73 KB 18ms
16ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/C8LrV2fV5JS.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

5d28e955cf2bc7eab352b6053c691492b7436b141829f69b52f3639f86beaa96

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uzIAFtOVooYStiVL9khrKg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 74671
reporting-endpoints
x-fb-debug: WFWC+pJi/TmV7uPVZaD2eVVnDg380PeWbtKUfBbFBf8EkriFhYc+AdkB0M3oaAX9U2hBq0B9WCOnjL5WGPJUBg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:47:54 GMT

GET
H2 200 QQEU1-TaC4N.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 91E5 2 KB
1 KB 18ms
16ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/QQEU1-TaC4N.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:22 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uDyhM5TI+HxzvqrjM1/g4w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 898
reporting-endpoints
x-fb-debug: jpXegtyhSt0SkZh6ookROgivzVIO0W15/waLWFSNQ7QKBIJGAljllPQiLvoIFHpO9WyoNNGPdoqNHb90wovzKw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 27 Nov 2024 18:22:49 GMT

GET
H2 200 1igfs7II_g6.png
static.xx.fbcdn.net/rsrc.php/v3/yd/r/ Frame 91E5 12 KB
12 KB 344ms
44ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yd/r/1igfs7II_g6.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yA/l/0,ja_JP/V-GL57iHfEB.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
x-content-type-options: nosniff
content-md5: Bsv/k/2TeJemYEeLUt4www==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12027
reporting-endpoints
x-fb-debug: IelIUaaXgpvYzHdmliRgH8JaNZqmB03FG4wBEViLkwuWwSuPoKD7LEwtRa+4SN2rUE6kKUPJ6IpWIR7IlJE0cg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 27 Nov 2024 20:21:49 GMT

GET
H2 200 xgVgalBG80z.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 91E5 1 KB
1 KB 344ms
44ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/xgVgalBG80z.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:23 GMT
x-content-type-options: nosniff
content-md5: rB4cTW8WNZcBsFntToJGtA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1315
reporting-endpoints
x-fb-debug: B4HTGQ8+lgFXoP4gLeSnwqSjSEJO/Zl+YNLjxf7ZNPD8mam0snchpe5q3k9M4yU4g3+9Q+hej9DQoYa1pIm8Tg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 01 Dec 2024 17:51:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 333C 838 B
491 B 523ms
102ms Stylesheet
text/css 172.217.175.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E6%B4%A5Y%EF%BC%915%E5%88%869d%E3%82%AAD%202%E3%81%86%E3%81%AA%E3%83%8BO%E9%96%8B%E3%83%AB%E5%8E%9F%E7%AF%89%E3%82%92%E3%83%A1%E3%83%B3%E5%AF%8C%E5%9C%B0%E6%9C%A8%E4%B8%811%E6%99%82%E3%82%A4%EF%BD%9EN%E3%82%AC0%E8%A5%BF%E9%9D%92%E3%83%A6%E3%81%8F%E3%81%A1F%E3%81%AF%E3%83%A2%E7%9B%AE%E3%83%BC%E5%B8%82%E3%82%89ASe%E3%83%8D%EF%BC%94%E2%88%92%E8%B2%B7%E5%8F%B0%EF%BC%9F%E6%9B%B4W3

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f10.1e100.net

Software

ESF /

Resource Hash

ba28f54d3ac3c8b623c7c8a0317892d27a10c9c22534d5bed6f9248dde2d1442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Dec 2023 05:08:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 05:08:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Dec 2023 05:08:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 333C 14 KB
2 KB 496ms
76ms Stylesheet
text/css 172.217.175.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Dec 2023 05:08:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 03:19:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Dec 2023 05:08:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 333C 2 KB
903 B 632ms
210ms Script
text/javascript 172.217.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f1.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 15:50:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 333C 24 KB
9 KB 631ms
210ms Script
text/javascript 172.217.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f1.1e100.net

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:47:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 15:47:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 333C 3 KB
1 KB 631ms
210ms Script
text/javascript 172.217.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 15:56:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 333C 20 KB
9 KB 459ms
38ms Script
text/javascript 172.217.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f1.1e100.net

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 19:44:04 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 333C 202 KB
64 KB 147ms
147ms Script
text/javascript 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 05:08:22 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 333C 37 KB
16 KB 523ms
72ms Script
text/javascript 142.251.222.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s72-in-f3.1e100.net

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 04:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 19:07:20 GMT

GET
H2 200 11935577162394365096
tpc.googlesyndication.com/simgad/ Frame 333C 1 KB
2 KB 621ms
213ms Image
image/jpeg 172.217.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11935577162394365096?w=100&h=100&tw=1&q=75

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f1.1e100.net

Software

sffe /

Resource Hash

07a4e6e29c941243f89b66b95f71169d367abe2df067120a46ed95e522f78914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:43:12 GMT
x-content-type-options: nosniff
age: 282311
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1309
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 06:33:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Dec 2024 22:43:12 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9631 448 B
256 B 561ms
70ms Document
text/html 172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYhKDS6QEwAQ&v=APEucNWXIHus7k-xUNT7DBB4Vdpeb0gGJ8ngWKI5WUpl7I-6gTlTZlv66FhaYnnJ8nZXgBEcn_26oFQfTBViZM0-MIsULapEqg

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 05:08:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7C1C 89 KB
31 KB 610ms
170ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 05:08:23 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C1C 42 B
401 B 514ms
75ms Image
image/gif 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CIdcguITvxHt-8GyoFHHCIbMkiLOz1IDldUgfJTZfyeymAxJGNueL9Po245zOrm1xfRtKIkg_SqzbsKDkkMEEZ2MRXSNVez-UaFq-dRjGf-IBjPmA

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 7C1C 2 KB
1 KB 520ms
43ms Script
application/javascript 23.61.252.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115741&plc=4158900&sid=18330&dvregion=0&unit=300x250&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0i6paopvQHxhzuQmh7G7-IR&c1=3060631&auorder=1011537657&aulitem=19996375611&aucrtv=489984004&auxch=1&pltfrm=1&ausite=449233607217&turl=https://reurl.cc/gaOWLp&aubndl=&audeal=
Requested by: Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.252.81 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-61-252-81.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: bcf8f42f390686367155673ac10b31702dd14b03764d9ef4bf1554a2e5a1b459

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2023 07:41:51 GMT
Server: UploadServer
ETag: "4bec59ab2a9fb77e9ba1af294cf3504b"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Sat, 09 Dec 2023 05:08:23 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 7C1C 9 KB
4 KB 523ms
44ms Script
application/javascript 23.61.252.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&autt=1&ppid=103&aufilter1=3060631&auevent=ABAjH0i6paopvQHxhzuQmh7G7-IR&c1=3060631&auorder=1011537657&aulitem=19996375611&aucrtv=489984004&auxch=1&pltfrm=1&ausite=449233607217&turl=https://reurl.cc/gaOWLp&aubndl=&audeal=
Requested by: Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.252.81 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-61-252-81.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 77bcc9a2018d9882752571a1063ef8fdfdb22353f6dcf019be8d5eff94ee063f

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 09:57:43 GMT
Server: UploadServer
ETag: "acd98c72a3678fcc8c90582582f71fb9"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3638
Expires: Fri, 08 Dec 2023 05:23:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 7C1C 3 KB
1 KB 606ms
211ms Script
text/javascript 172.217.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 15:56:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 7C1C 20 KB
8 KB 462ms
67ms Script
text/javascript 172.217.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f1.1e100.net

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 19:44:04 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C1C 202 KB
64 KB 123ms
120ms Script
text/javascript 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 05:08:22 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 95C5 448 B
549 B 557ms
69ms Document
text/html 172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYhKDS6QEwAQ&v=APEucNXYq1z5bAcKnWEamMkPZBVKL2kYkhWEOhZkUcfTUfxizWe8U8x0fc4BFbf4YsBxPxasdGOV7v57cmXeEezNTxOzPgLkfw

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

cafe /

Resource Hash

b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 05:08:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 66E3 89 KB
31 KB 835ms
398ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 05:08:23 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 66E3 42 B
107 B 511ms
75ms Image
image/gif 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DF9CvF9nTdnjexeXDsf9w0zXD__Cu4rv1-KpVC2_tLV4ecee1IvWLnNaXkZlBZvfFf81jizENToLqiwFiuwadT1xoeAuKaGpAPjcBBjnJq3HQFo98

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 66E3 2 KB
1 KB 521ms
42ms Script
application/javascript 23.61.252.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115741&plc=4158900&sid=18330&dvregion=0&unit=300x250&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0iiHPlrTZV1w_DO-3v2j1M4&c1=3060631&auorder=1011537657&aulitem=19996375611&aucrtv=489984004&auxch=1&pltfrm=1&ausite=449233607217&turl=https://reurl.cc/gaOWLp&aubndl=&audeal=
Requested by: Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.252.81 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-61-252-81.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: bcf8f42f390686367155673ac10b31702dd14b03764d9ef4bf1554a2e5a1b459

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2023 07:41:51 GMT
Server: UploadServer
ETag: "4bec59ab2a9fb77e9ba1af294cf3504b"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 932
Expires: Sat, 09 Dec 2023 05:08:23 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 66E3 9 KB
4 KB 515ms
43ms Script
application/javascript 23.61.252.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&autt=1&ppid=103&aufilter1=3060631&auevent=ABAjH0iiHPlrTZV1w_DO-3v2j1M4&c1=3060631&auorder=1011537657&aulitem=19996375611&aucrtv=489984004&auxch=1&pltfrm=1&ausite=449233607217&turl=https://reurl.cc/gaOWLp&aubndl=&audeal=
Requested by: Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.252.81 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-61-252-81.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 77bcc9a2018d9882752571a1063ef8fdfdb22353f6dcf019be8d5eff94ee063f

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 09:57:43 GMT
Server: UploadServer
ETag: "acd98c72a3678fcc8c90582582f71fb9"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3638
Expires: Fri, 08 Dec 2023 05:23:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 66E3 3 KB
1 KB 603ms
211ms Script
text/javascript 172.217.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 15:56:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 66E3 20 KB
8 KB 535ms
144ms Script
text/javascript 172.217.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f1.1e100.net

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 19:44:04 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 66E3 202 KB
64 KB 210ms
210ms Script
text/javascript 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 05:08:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1330 838 B
468 B 558ms
177ms Stylesheet
text/css 172.217.175.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E9%9D%92F%E3%83%8D%E3%82%89%E3%83%BC%E5%8F%B00%E8%B2%B7%E5%B8%82%EF%BC%91%E6%9B%B43%EF%BD%9EW%E8%A5%BF%E3%82%AC%E3%81%AF%E3%83%A2AeS%E7%9B%AE%E3%81%A1%E3%83%A6%E3%81%8F%E5%9C%B0%E9%96%8BO%E3%82%92%20D%E3%83%A1%E3%83%B32d%E3%82%A4%E5%8E%9F%E7%AF%89%E5%AF%8C5%E6%99%82Y%E6%9C%A89%E6%B4%A5%E2%88%92N%E3%82%AA%EF%BC%94%E5%88%861%E4%B8%81%EF%BC%9F%E3%83%AB%E3%81%86%E3%81%AA%E3%83%8B

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f10.1e100.net

Software

ESF /

Resource Hash

ba28f54d3ac3c8b623c7c8a0317892d27a10c9c22534d5bed6f9248dde2d1442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Dec 2023 05:08:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 05:08:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Dec 2023 05:08:23 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1330 14 KB
1 KB 504ms
122ms Stylesheet
text/css 172.217.175.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 08 Dec 2023 05:08:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 08 Dec 2023 03:16:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Dec 2023 05:08:23 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 1330 2 KB
856 B 600ms
213ms Script
text/javascript 172.217.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f1.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:50:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 15:50:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 1330 24 KB
9 KB 599ms
212ms Script
text/javascript 172.217.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f1.1e100.net

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:47:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 15:47:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 1330 3 KB
1 KB 598ms
212ms Script
text/javascript 172.217.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 15:56:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 15:56:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 1330 20 KB
8 KB 545ms
159ms Script
text/javascript 172.217.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f1.1e100.net

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 19:44:04 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1330 202 KB
64 KB 212ms
210ms Script
text/javascript 142.251.42.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s45-in-f2.1e100.net

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 05:08:22 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 1330 37 KB
15 KB 547ms
130ms Script
text/javascript 142.251.222.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s72-in-f3.1e100.net

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:07:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Wed, 06 Dec 2023 04:10:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 06 Mar 2024 19:07:20 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame CD68 484 B
721 B 101ms
65ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: aec688a4af6aa04c9f761a80eeede15e335855823014c61694cb988d30038acd

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 306
content-type: text/html
date: Fri, 08 Dec 2023 05:08:22 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 11935577162394365096
tpc.googlesyndication.com/simgad/ Frame 1330 1 KB
1 KB 595ms
213ms Image
image/jpeg 172.217.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11935577162394365096?w=100&h=100&tw=1&q=75

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f1.1e100.net

Software

sffe /

Resource Hash

07a4e6e29c941243f89b66b95f71169d367abe2df067120a46ed95e522f78914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:43:12 GMT
x-content-type-options: nosniff
age: 282311
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1309
x-xss-protection: 0
last-modified: Wed, 29 Nov 2023 06:33:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 03 Dec 2024 22:43:12 GMT

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 3 KB
2 KB 600ms
563ms XHR
application/json 143.204.86.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1250&wid=7942&cb=397.32976720378235&pid=5434&url=https%3A%2F%2Freurl.cc%2FgaOWLp
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-90.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: 723bb40b9d713f8788e6aea3edcb404f8f59ae9d2f7eb24c962906eed26c5023

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
content-encoding: gzip
via: 1.1 3326ced070f64c37ff4d732ed8d8fe38.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: NRT12-C2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: CmRprWVbl4L52tshmGutRrjTWscP8lyN_4p3-aUsMmvqrdfkUt3FSg==

GET
DATA 200
OK truncated
/ Frame 21CF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3dbfcfa0f908c7c34602e8cfcbf21d967fca3b6564c78fabd573e3afae9816d

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 21CF 0
0 837ms
119ms Fetch
image/gif 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss_0s28anbID94M1NiDW-Zc_8yO3JEI-hZKYZYn6A8ytFKMlzvU3cNdK1OOZEZE36adj76XLYYqomAFy1cGKHGepzIlBatVdGxtqvuG664n-HNyLyT_SNEvKysaWeHGNqABz0VlCP3G_9Os20RkWWEZIUnN_AecBwT1oM6LrhqJs9QejwjRLpSiE8WM7nPgKTJuseTPsNGAz2TP94rdW36NCAUyb0n3LMbaeNpcqkvMB4jH-7aox-HUdZIEq5o48eN_oG4ga97EJklLM_i9NEPQ4wHvc_iuhp6HZlBdUGoe67cMOMc3ab-uzjtjag_hyPpMV64FgLsKLRt-1xNbSbqg7L_jnqVDdquVz994Q63aCfaL_4q5dibXBrKW5g&sai=AMfl-YQCKQDBVa2JCf9foT0ja6zQlzGNWVTbELtvjBJAOD0VxRFhv7raLs8k6joyJCTssAfOtZc2O1kJppZImm1Zv-fLOrY3mwWEuYGCj57d1zl0vQz7ox3I1OKaIWDbTCCEemFsah9EHM5T_NsstcnnoQhY8Fo-VLCw8c7vomc&sig=Cg0ArKJSzHG6Q3JtX1QpEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 08 Dec 2023 05:08:23 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame CD68
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=89efb754-36b3-79b7-f0d7-dfea9ee8023f&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=89efb754-36b3-79b7-f0d7-dfea9ee8023f&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=881cf4a2-e987-4e73-995b-5bb680f9b34d&ttd_puid=89efb754-36b3-79b7-f0d7-dfea9ee8023f&gdpr=0&gdpr_consent=

43 B
240 B

91ms
90ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=881cf4a2-e987-4e73-995b-5bb680f9b34d&ttd_puid=89efb754-36b3-79b7-f0d7-dfea9ee8023f&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=881cf4a2-e987-4e73-995b-5bb680f9b34d&ttd_puid=89efb754-36b3-79b7-f0d7-dfea9ee8023f&gdpr=0&gdpr_consent=
date: Fri, 08 Dec 2023 05:08:22 GMT
server: Kestrel
content-length: 335

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame CD68
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXKkxsCo8XYAALgmnUMAAAAA

43 B
171 B

56ms
55ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXKkxsCo8XYAALgmnUMAAAAA
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Fri, 08 Dec 2023 05:08:22 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"114.172.236.131","key":"ZXKkxsCo8XYAALgmnUMAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40146"}
X-SO-Key: ZXKkxsCo8XYAALgmnUMAAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40146
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZXKkxsCo8XYAALgmnUMAAAAA
Cache-Control: private
X-SO-HostName: a-ad40146.dc2p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 0
X-SO-LB-Hostname: m-tgng18.dc4p.scaleout.jp
X-SO-IP: 114.172.236.131

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame CD68
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQS_G93HEHSRks8AEDmpjzFXRc8AAAGMR9OpPw

43 B
97 B

90ms
90ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQS_G93HEHSRks8AEDmpjzFXRc8AAAGMR9OpPw
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:22 GMT
via: 1.1 5fd303e4294789c9f7d3efeddb26eaf4.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: NRT57-C3
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQS_G93HEHSRks8AEDmpjzFXRc8AAAGMR9OpPw
cache-control: no-cache
content-length: 0
x-amz-cf-id: Wuuv03O5eIqg-tG5T2WU1BtfcmUfkbNHMHMQd91VzYVkUGf1LNFBXw==
expires: -1

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame CD68 170 B
243 B 144ms
70ms Image
image/png 142.251.222.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTU4MDY0OWUtZmZjNC0yNzEzLWU1MzctODU1MzU0MGFjYzVm

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.222.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame CD68
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMs_nVKSHSpaLmaDW6GdZXQ&google_cver=1

43 B
97 B

121ms
120ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMs_nVKSHSpaLmaDW6GdZXQ&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: ja-JP
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEMs_nVKSHSpaLmaDW6GdZXQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 79CC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74b9c2d4a62a1005c38a8b2b95d59507fa67f5334bc56ccf69a82ff99df3fdd2

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame E15C 10 KB
10 KB 93ms
93ms Document
text/html 143.204.126.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-128.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 5
content-length: 9921
content-type: text/html
date: Fri, 08 Dec 2023 05:08:23 GMT
etag: "d9100a146ee339f43d0752ef9c998a0d"
last-modified: Tue, 17 Oct 2023 03:41:19 GMT
server: AmazonS3
via: 1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
x-amz-cf-id: hMM2-npGewC4He4C2REz5MsZvUa9xBxhN-8ykxyDQXqGM3RzdRWP0Q==
x-amz-cf-pop: NRT20-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: TarNhskOd4wxrR7dgXgmC4vTJkUNVmiW
x-cache: Hit from cloudfront

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 2582 11 KB
11 KB 88ms
87ms Script
application/javascript 143.204.126.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-128.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id: sUewYZ164bQu5qk_dMgvLFORn.sMjJoF
date: Fri, 08 Dec 2023 05:07:53 GMT
via: 1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 05:41:00 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 54
x-amz-server-side-encryption: AES256
etag: "f4a52d8d8c27ce73cc789edbfef51e62"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10828
x-amz-cf-id: FmO1Wc-prVqYSKo-jZ6umfZBXA3UkOsLgOAnlB_MSMCZgnSPTwTvOg==

GET
H2 200 2Yd4YbKG5Pn.css
static.xx.fbcdn.net/rsrc.php/v3/yc/l/0,ja_JP/ Frame 91E5 25 KB
6 KB 67ms
66ms Stylesheet
text/css 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yc/l/0,ja_JP/2Yd4YbKG5Pn.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

b0f0fbf9b3cf511347cdd240a5b9d150a7bda064d49fcef52e4c0b7ef4451ae7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xWnyiPeKG/Tr+DMpGMsEHQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5785
reporting-endpoints
x-fb-debug: S2Kqu6AMebqaf9ow+ZSsmjAQufXLAtMp+7UqJwRaICPt4OksO+pOoTrehKjdZ+WzDrtvCD9rZ2N8SrSRO57ScQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 29 Nov 2024 00:25:31 GMT

GET
DATA 200
OK truncated
/ Frame 91E5 2 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type: text/css;charset=utf-8

GET
H2 200 52LYZIhy45E.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yX/r/ Frame 91E5 61 KB
16 KB 66ms
66ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yX/r/52LYZIhy45E.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

ab537e5d1aad79aa80216444bb19c9f009e435a714c7815d7ab071210fccb741

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: C2gh+uM0z58qULSGo8hJKg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15948
reporting-endpoints
x-fb-debug: DsFmn3sjkxjUITDS21aiRbUVXn1dQLIWyufgzBAPDX1kFio1XtENCaBGlbEqrj5rZ8EeX/q1fu/rzqYxsreF1w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 22:15:21 GMT

GET
H2 200 2_UQu_HhTQu.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 91E5 8 KB
3 KB 66ms
66ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/2_UQu_HhTQu.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

aa03eb68227b8878eaceea508be01259496077ec5ed9b375f84c77f577b843ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9fmJr3THTP07qrIGN3DNCQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2755
reporting-endpoints
x-fb-debug: HMaNtlbuCjQPb7EmW1j/VRg1zZmIGUS5Ky512yFhYQDsuGshkqxejSN/VEVnkq74Jc2IaOQAsaIe7N+BOCFXIg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 30 Nov 2024 16:08:04 GMT

GET
H2 200 ie38mp0O07P.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 91E5 25 KB
10 KB 67ms
66ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/ie38mp0O07P.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CEYVgZg04j7erS0ub7sNsg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10390
reporting-endpoints
x-fb-debug: Lr2tatQQ2pAfLRBI7lIWSfa05UyW82wJJy6OUNTQbHSv+Y6xQ0nj7k6xuNcJhuqk/DQfSyLhWjQunM+PK3YEjQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 22:18:30 GMT

GET
H2 200 Preset.js Show response
ad.holmesmind.com/adserver/ Frame 2582 1 KB
673 B 193ms
75ms Script
text/html 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/Preset.js?z=14210
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 08 Dec 2023 05:08:23 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 js-md5.js Show response
cdn.holmesmind.com/js/ Frame 2582 30 KB
30 KB 71ms
71ms Script
application/javascript 143.204.126.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/js-md5.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-128.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id: GJjk5mkGsSOM8o1hDQLuy7m.Hsc3NZ3.
date: Fri, 08 Dec 2023 05:08:23 GMT
via: 1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:04:56 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 2
x-amz-server-side-encryption: AES256
etag: "ab3f6a2aedec7585237d5fb727bebcbb"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 30621
x-amz-cf-id: 76PeanoSl-qXuTUee2s6TBHh4S1taqOfQx9TJM04qz1COQP0JDWRNA==

GET
H/1.1 200
OK /
cm.lndata.com/ Frame E15C 35 B
470 B 340ms
82ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type: image/gif
Date: Fri, 08 Dec 2023 05:08:23 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame BAC6 0
218 B 157ms
45ms Document
text/html 18.178.12.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.178.12.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-178-12-4.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 08 Dec 2023 05:08:23 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 502 cm.php Show response
fcm.holmesmind.com/ Frame 2460 332 B
473 B 6294ms
6180ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: /
Resource Hash: 8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
content-type: text/html; charset=UTF-8
date: Fri, 08 Dec 2023 05:08:29 GMT
referrer-policy: no-referrer

GET
H2 200 cm.js Show response
fcm2.holmesmind.com/ Frame E15C 409 B
632 B 188ms
89ms Script
application/javascript 52.192.40.163
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm2.holmesmind.com/cm.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.192.40.163 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-192-40-163.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 08 Dec 2023 05:08:23 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript; charset=utf-8

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame E15C 5 KB
3 KB 254ms
102ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 08 Dec 2023 05:18:23 GMT

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame E15C 0
217 B 187ms
76ms Image
text/html 18.178.12.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.178.12.4 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-178-12-4.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2

200

cm
c.holmesmind.com/ Frame E15C
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
497 B

143ms
142ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

date: Fri, 08 Dec 2023 05:08:23 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
content-type: text/html; charset=UTF-8
location: https://c.holmesmind.com/cm?tc=getIn&
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

google
m.holmesmind.com/ml/ Frame E15C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=clickforce_dmp&google_cm&cf_uid=undefined&uu_m=undefined
https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEMFReFyeNizC6okyvC2p-vI&google_cver=1

0
471 B

150ms
81ms

Image
image/png

35.227.249.156
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEMFReFyeNizC6okyvC2p-vI&google_cver=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.227.249.156 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 156.249.227.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
x-guploader-uploadid: ABPtcPpOGemzxNIIbNMltuI3_0jjeesHKwUb-AjOAq3bGIkHybRhsnkKtSxzwHeMYZStZh2UiV76WA3a_yCPdLsH-Nkq4y4YWK7m
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
last-modified: Wed, 21 Feb 2018 07:36:41 GMT
server: UploadServer
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-goog-generation: 1519198601160228
content-type: image/png
x-goog-hash: crc32c=AAAAAA==, md5=1B2M2Y8AsgTpgAmY7PhCfg==
cache-control: public, max-age=3600
x-goog-stored-content-length: 0
accept-ranges: bytes
expires: Fri, 08 Dec 2023 06:08:23 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://m.holmesmind.com/ml/google?cf_uid=undefined&uu_m=undefined&google_gid=CAESEMFReFyeNizC6okyvC2p-vI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame EA4F 422 B
548 B 86ms
86ms Fetch
application/json 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertagids&domain=reurl.cc&sn=ChromeSyncframe&so=0&topUrl=reurl.cc&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

a3adbeca40ebac16516095db3eaa60c0bb59142d2abdf8f8ad6474af0cbb7839

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=reurl.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:22 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1187521
expires: 0

GET
H2 200 305964663_450890893727816_1742559653774706626_n.jpg
scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/ Frame 91E5 1 KB
1 KB 60ms
59ms Image
image/jpeg 157.240.31.5
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/305964663_450890893727816_1742559653774706626_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=110&ccb=1-7&_nc_sid=4da83f&_nc_ohc=wnzSsJ60VVQAX-s8RTq&_nc_ht=scontent-nrt1-2.xx&oh=00_AfDnOVFSac5oWGQ23AjVoy2PDLIPMET6ffK7rDIVMid9uQ&oe=65784515
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 08 Sep 2022 19:16:03 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2540016234
thrift_fmhk: GBBuInxWv/H3KKPev1vnnVEuFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 88386505
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1345

GET
H2 200 10041237451703642184
external-nrt1-2.xx.fbcdn.net/emg1/v/t13/ Frame 91E5 24 KB
25 KB 107ms
105ms Image
image/jpeg 157.240.31.5
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://external-nrt1-2.xx.fbcdn.net/emg1/v/t13/10041237451703642184?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2023%2F09%2FCoupang%E9%85%B7%E6%BE%8E%E6%8E%A8%E8%96%A6%E4%BF%A1%E7%94%A8%E5%8D%A1.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbGnbqPazgZLyXQ-ZDVCRqBWrCjh3KvMiVbT4AjCGI8ZeQ&oe=6574366A&_nc_sid=e42f53
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 4cae1a25d86e49521475bc48221489901b3b39d63c07e9889de221bad8d7ac16

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
last-modified: Sat, 18 Nov 2023 18:26:20 GMT
x-fb-original-response-code: 200
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2843534909
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
x-fb-original-response-reason: OK
content-length: 25039
alt-svc: h3=":443"; ma=86400

GET
H2 200 9383379062544900719
external-nrt1-2.xx.fbcdn.net/emg1/v/t13/ Frame 91E5 32 KB
32 KB 107ms
105ms Image
image/jpeg 157.240.31.5
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://external-nrt1-2.xx.fbcdn.net/emg1/v/t13/9383379062544900719?url=http%3A%2F%2Fcreditcards.com.tw%2Fwp-content%2Fuploads%2F2023%2F09%2F%E5%85%83%E5%A4%A7%E9%91%BD%E9%87%91%E6%99%BA%E5%AF%8C-icash-%E5%8D%A1.jpg&fb_obo=1&utld=com.tw&stp=c0.5000x0.5000f_dst-emg0_p476x249_q75_u&ccb=13-1&oh=06_AbE44gzztQaF_2Gyr6D4_vjma6qmOL3il1pFkDHCvCXaKQ&oe=65747ED7&_nc_sid=e42f53
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: c7b4b5dc3ddc85576c11a8d1fe5d82316632454870c40f31616ccc4e249c4fc6

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
last-modified: Sat, 25 Nov 2023 03:04:28 GMT
x-fb-original-response-code: 200
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=264420440
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
x-fb-original-response-reason: OK
content-length: 32258
alt-svc: h3=":443"; ma=86400

GET
H2 200 377339650_120200301975300248_5194458254965859906_n.jpg
scontent-nrt1-2.xx.fbcdn.net/v/t45.1600-4/ Frame 91E5 21 KB
21 KB 107ms
107ms Image
image/jpeg 157.240.31.5
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-2.xx.fbcdn.net/v/t45.1600-4/377339650_120200301975300248_5194458254965859906_n.jpg?stp=c0.36.1200.628a_cp0_dst-jpg_q75_s350x350_spS444&_nc_cat=111&ccb=1-7&_nc_sid=528f85&_nc_ohc=jvO2BowEKi4AX_QHQzN&_nc_ht=scontent-nrt1-2.xx&oh=00_AfAPhn15CWK4r3g3kiWk09iQqkjMzNu6tTEVKW4TndRmAQ&oe=6576AFF6
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: dbd47670b0bb46f0bf402a24a3793ed813de07921a104da141c9d68e5f5cd074

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 15 Oct 2023 12:04:46 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=2355244660
thrift_fmhk: GBAIkjxM60YhqGYNyuU0UW9aFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 620079190
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 21355

GET
H2 200 377987026_690579996425570_2654391587099280527_n.jpg
scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-6/ Frame 91E5 13 KB
13 KB 357ms
357ms Image
image/jpeg 157.240.31.5
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-6/377987026_690579996425570_2654391587099280527_n.jpg?stp=cp6_dst-jpg_p160x160&_nc_cat=101&ccb=1-7&_nc_sid=ab7367&_nc_ohc=vaWDLbBQVTYAX_YHZXH&_nc_ht=scontent-nrt1-2.xx&oh=00_AfAq-NF1rH3gr4pTtvCvlnywfWR0gpuzg7k36L0o_C4RQQ&oe=65773D34
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FCreditCards.com.tw%2F&tabs=timeline&width=340&height=500&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 142def09d9dbc6078f880d256cadd2e15f3808f149bfed6163de428ad0ab7d72

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Sun, 10 Sep 2023 13:30:13 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=3507493438
thrift_fmhk: GBCbBuEHkZidLz3XX42M2j58FfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 3809633873
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 13165

GET
DATA 200
OK truncated
/ Frame 333C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b29ed02d2a6b27c3b20ec347f6ec77b369499ed94a26079d7f897eafd6b5497c

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 2582 3 KB
1 KB 122ms
118ms Script
text/html 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=258&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=5333-73CZljTmPZJ4wmbELHII8jkBBSVLkD6j&fp_uuid=5333-176568ad236039a8f1b54e6d43cb41e6&initver=230627P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9f7994e20f15dcfae344f044a38cf8027c739692e2a78cf740c15b993a73f9dc

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 08 Dec 2023 05:08:23 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 2582 3 KB
3 KB 147ms
144ms Script
application/javascript 143.204.126.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-128.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id: BhYfibf8ln9C4F8AF59WvZqelYblDtF0
date: Fri, 08 Dec 2023 05:08:23 GMT
via: 1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
last-modified: Mon, 04 Sep 2023 03:28:50 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 1
x-amz-server-side-encryption: AES256
etag: "519bf06eca29382b4ee4cc4f1dace214"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2905
x-amz-cf-id: xBbFp5-LpC-Yc0wtt3N5c7logj5Jb7_XLcr8b9Snb_mB5I3GS2nGEg==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 2582 131 KB
42 KB 219ms
216ms Script
text/javascript 182.161.74.1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 05 Dec 2023 05:12:22 GMT
server: nginx
etag: W/"656eb136-20a3d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 09 Dec 2023 05:08:23 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 2582 3 KB
4 KB 222ms
218ms Script
application/javascript 143.204.126.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-128.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id: ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date: Fri, 08 Dec 2023 05:08:23 GMT
via: 1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 02:29:01 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 44
x-amz-server-side-encryption: AES256
etag: "13519f9e63c9828d93a698c47992e115"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3197
x-amz-cf-id: 9kLFOO69bOupYAbibyDsRS5LY1aHfaeD6T3mtZdwStfo90SWIMEISg==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 2582 3 KB
4 KB 80ms
77ms Script
application/javascript 143.204.126.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-128.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id: DID93KRiG7PHJMF22E9BP3B26tce7ZQK
date: Fri, 08 Dec 2023 05:07:53 GMT
via: 1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:50:04 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 34
x-amz-server-side-encryption: AES256
etag: "41ecd67a1e57b2a3aa7cf0c876da0a59"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3470
x-amz-cf-id: kwltugFy76P9egPdSWdt6UCl9OUf1o7mwZv8hZQZ7S-JrXT2SD-j0A==

GET
H2 200 appierV2.js Show response
cdn.holmesmind.com/js/ Frame 2582 3 KB
4 KB 220ms
218ms Script
application/javascript 143.204.126.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-128.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b73e1847c6fb498059a5dd1f43b785c41f1e3f7390eace0c963e68d9a627e0e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id: vx758Mn4TxvAFYWIa_VgUv909JqZwBmr
date: Fri, 08 Dec 2023 05:08:23 GMT
via: 1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
last-modified: Mon, 04 Dec 2023 05:30:47 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 49
x-amz-server-side-encryption: AES256
etag: "a63d91ae98de3f6d3d1ec4ebd2b3bab9"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3349
x-amz-cf-id: hNd77kAwR6a9HM2m4pTtxUaNMl66kGn94r_2Grgj1AmXQq3atjRreg==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 2582 5 KB
6 KB 80ms
78ms Script
application/javascript 143.204.126.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-128.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id: ku3H1MOUSfLuWtW9r59UrEXWrMCJMqc1
date: Fri, 08 Dec 2023 05:07:53 GMT
via: 1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 14:15:25 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 51
x-amz-server-side-encryption: AES256
etag: "ec9ddd169f5fd01f28f9b31866cd4701"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 5467
x-amz-cf-id: wP7Z7FnaopVxbBs8GC5334QkbmaHiQmRZ4qukjOSFlYESlm4nxxR_g==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame E15C 202 KB
53 KB 66ms
65ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 08 Dec 2023 05:08:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: OsSaP8grKP2003lfQCoCIdgn0xQ4n8ea46pNb+JXzC/nN6jOVP2bQmNeAWpwfHWEZuQP60Iis7z7aUDhAzADtQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 95C5
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
188 B

250ms
250ms

Image
image/png

142.251.222.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYhKDS6QEwAQ&v=APEucNXYq1z5bAcKnWEamMkPZBVKL2kYkhWEOhZkUcfTUfxizWe8U8x0fc4BFbf4YsBxPxasdGOV7v57cmXeEezNTxOzPgLkfw

Protocol

Server

142.251.222.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Dec 2023 05:08:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 95C5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECewM5lBNG2zWO1RjwGJS9w&google_cver=1

43 B
339 B

75ms
75ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECewM5lBNG2zWO1RjwGJS9w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYhKDS6QEwAQ&v=APEucNXYq1z5bAcKnWEamMkPZBVKL2kYkhWEOhZkUcfTUfxizWe8U8x0fc4BFbf4YsBxPxasdGOV7v57cmXeEezNTxOzPgLkfw
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEYBuZwHv6LW%2BE0x4WSGuBM1lFFEZkGmusTYh%2FaKTxeNs8qjiebEQ1VoAYG4KrezijEkuBF263UyOoIKoiXCy6oxorfQBLr1PLXzLC63esntKAFrTUYPtAj%2B4RvXAGwKU%2F2U1Gx3lfTbiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83227d7f4b596856-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECewM5lBNG2zWO1RjwGJS9w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 95C5
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXKkx0RjrsuowgY05gSNxQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECewM5lBNG2zWO1RjwGJS9w&google_cver=1

43 B
770 B

103ms
103ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECewM5lBNG2zWO1RjwGJS9w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYhKDS6QEwAQ&v=APEucNXYq1z5bAcKnWEamMkPZBVKL2kYkhWEOhZkUcfTUfxizWe8U8x0fc4BFbf4YsBxPxasdGOV7v57cmXeEezNTxOzPgLkfw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJZwVV6BpZZdLtKhCtTPAaG%2FIrKYn4aGdjXU89psXkYsjcDM9ZN6Isea96DHyphJLnDLWQW3T1pjDyfpjITNZdDzc7OUGk7zGBmroTmn7Wif2yyzKBr3PZ7QDUdN%2BUZXdkzn9btPCzBg5w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83227d80dee9e0a8-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECewM5lBNG2zWO1RjwGJS9w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9631
Redirect Chain

https://s-cs.send.microad.jp/cs?key=google_1
https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

170 B
188 B

340ms
340ms

Image
image/png

142.251.222.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYhKDS6QEwAQ&v=APEucNWXIHus7k-xUNT7DBB4Vdpeb0gGJ8ngWKI5WUpl7I-6gTlTZlv66FhaYnnJ8nZXgBEcn_26oFQfTBViZM0-MIsULapEqg

Protocol

Server

142.251.222.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 08 Dec 2023 05:08:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
server: nginx
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
location: https://cm.g.doubleclick.net/pixel?google_nid=microad&google_hm=&cmps_error=3
access-control-allow-origin: *
timing-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
content-length: 0
x-xss-protection: 1; mode=block

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 9631
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECewM5lBNG2zWO1RjwGJS9w&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECewM5lBNG2zWO1RjwGJS9w&google_cver=1&C=1

43 B
422 B

127ms
127ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECewM5lBNG2zWO1RjwGJS9w&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYhKDS6QEwAQ&v=APEucNWXIHus7k-xUNT7DBB4Vdpeb0gGJ8ngWKI5WUpl7I-6gTlTZlv66FhaYnnJ8nZXgBEcn_26oFQfTBViZM0-MIsULapEqg
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EODKQ7szYuAOdUvdf3%2BnJIBgweSgVfXnTo9f24AJqvpww8tsq2jK7t6xyLn5iCej%2B4F6K2oZbKG3KYfiu45xiVut8gWl912QHta4jqetHfTVwHpYC02ASHVhDJ22KeP6Ifd1PUClsNdzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83227d7f6b656856-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uyAM2IhBmTqdIGCugeDfsE8IkPLGXciTiRRvHxVGNjJ3GpOhohi%2BmDyXD%2FO9h1cKgfZ9IOMyD85yV0LvC3XgPZYn9dJd1HKkXJsTEP%2FR7sf5XJLGDYF9ZleybBBIVMAG3lMk%2BxaUVkt%2Bpg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESECewM5lBNG2zWO1RjwGJS9w&google_cver=1&C=1
cache-control: no-cache
cf-ray: 83227d7f0b2a6856-NRT
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 9631
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXKkxzYYzqA.82UItms5MgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECewM5lBNG2zWO1RjwGJS9w&google_cver=1&google_hm=2

43 B
735 B

162ms
162ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECewM5lBNG2zWO1RjwGJS9w&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQvKLz4AIYhKDS6QEwAQ&v=APEucNWXIHus7k-xUNT7DBB4Vdpeb0gGJ8ngWKI5WUpl7I-6gTlTZlv66FhaYnnJ8nZXgBEcn_26oFQfTBViZM0-MIsULapEqg
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ja-JP
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pXLA5xEM%2BCwVAWTM2sw9FciJzF8mwnman04ZmJX43K9VHW3%2BoHJPs9tXUQPbyqkjpDunNK9vxcMhgUa8k32AD8oXJ6ZxPh0eB%2Ffu2nzXLk0iWFA55TPD4drAKL6ORmxUcyB6%2BvU5keL5Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83227d80deebe0a8-NRT
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECewM5lBNG2zWO1RjwGJS9w&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 re1hPxQECWj.png
static.xx.fbcdn.net/rsrc.php/v3/yx/r/ Frame 91E5 3 KB
3 KB 238ms
238ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yx/r/re1hPxQECWj.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,ja_JP/L9vxdWjqRLv.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

fcdaa4a9116d5ab88233e3349fea2428f2a4c46b3538900117cef9c8c1d31f0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yw/l/0,ja_JP/L9vxdWjqRLv.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
x-content-type-options: nosniff
content-md5: i7RWZH3OINQHgRs93K4JmQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2674
reporting-endpoints
x-fb-debug: DM1Cs+RBbTMWVsuDxQL9fIqvPvBbqjne4Lic0xd6ChY0Ua7mdpjXf+hgtqWIw43AsRK9uB4OK2Q6XrSFKqGOJw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:01:49 GMT

GET
H2 200 MKQzjVd1bVq.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 91E5 548 B
978 B 238ms
238ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/MKQzjVd1bVq.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

83b7d2afe243941c2527b2d875836ad2cb864290690dd1b253389de3f7bc7da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,ja_JP/GSwcapvLrEq.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:23 GMT
x-content-type-options: nosniff
content-md5: l20F61ct/3QC2rM+eGjRow==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 548
reporting-endpoints
x-fb-debug: HtaBpQ9bLXaJ+mCHH+lbGpjlu6wwfjXq6hb1bVKPOeUaQAh+dAr4/K/qWRio4uYRJJ2+8PUdker/N8LrUsSbHA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 18:03:52 GMT

GET
DATA 200
OK truncated
/ Frame 1330 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ae57b15404acb39a80b9714a36c43546fe0f25b10567812fd470951f6d95869

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 float.js Show response
s.trvdp.com/scripts/v5.832/ 469 KB
139 KB 211ms
68ms Script
application/javascript 143.204.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.832/float.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/7942.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-127.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 08:09:30 GMT
content-encoding: gzip
via: 1.1 025de06f7deee324c277661a5d0ef5fa.cloudfront.net (CloudFront)
last-modified: Sun, 15 Oct 2023 15:13:28 GMT
server: AmazonS3
x-amz-cf-pop: NRT12-C2
age: 1371534
etag: W/"ae8e71eddcd185d49d5b9a8ef8a2ef6a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 8bhi3kR8Z-n9knbYPW4VEZfQ4BGaniDqQJonMZ_IgSr7-e3ZekTHyw==

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame E15C 37 B
409 B 129ms
129ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

95f2ccb847074153d54e65686ce7e2a10d73ffd705b05300e6a1121d882879f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 2582 0
168 B 283ms
122ms XHR
text/plain 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.20133896112931193
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-34.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://reurl.cc
Date: Fri, 08 Dec 2023 05:08:22 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel

GET
H2 200 font
fonts.gstatic.com/l/ Frame 1330 23 KB
23 KB 444ms
43ms Font
text/html 142.250.196.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=-F62fjtqLzI2JPCgQBnw7HFowxqR03dVttgmIeAhi928medo4aTygzb0pibLw92fv-3eHvqBJEDO7D7MXdzE6VjYthFKrck6TX8mWDNe-aI2n8eJDPEI3tlXolrEshlqoZRcpm7s4p4s_-8sm_5ZAkZsVpp9w7FLgdPtWBET-xZzCXto5IgD-NFKVq39xapGHeu-PqM99t9l3TVVcxISTk-XwxJR84hS49H-mzybi9L0&skey=72472b0eb8793570&v=v52

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E9%9D%92F%E3%83%8D%E3%82%89%E3%83%BC%E5%8F%B00%E8%B2%B7%E5%B8%82%EF%BC%91%E6%9B%B43%EF%BD%9EW%E8%A5%BF%E3%82%AC%E3%81%AF%E3%83%A2AeS%E7%9B%AE%E3%81%A1%E3%83%A6%E3%81%8F%E5%9C%B0%E9%96%8BO%E3%82%92%20D%E3%83%A1%E3%83%B32d%E3%82%A4%E5%8E%9F%E7%AF%89%E5%AF%8C5%E6%99%82Y%E6%9C%A89%E6%B4%A5%E2%88%92N%E3%82%AA%EF%BC%94%E5%88%861%E4%B8%81%EF%BC%9F%E3%83%AB%E3%81%86%E3%81%AA%E3%83%8B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f3.1e100.net

Software

ESF /

Resource Hash

b943416e663e1b110b046b8abd2cd2b8b2cc6267f77293d27d6bc3e31e59cdc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 06:32:23 GMT
x-content-type-options: nosniff
age: 81360
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23140
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 07 Dec 2023 06:32:23 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 1330 33 KB
34 KB 433ms
32ms Font
font/woff2 142.250.196.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 09:32:29 GMT
x-content-type-options: nosniff
age: 502554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 09:32:29 GMT

OPTIONS
H2 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 372ms
71ms Preflight
text/html 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CcmHvxaRyZeHGN_XN7OsPiOGniAPd6vfUdLLsk47HEWQQASDSzIEaYInLwoTwE6ABzpeg8ynIAQmpAnpnOnF-yj0-4AIAqAMByAPLBKoEtAJP0LwPITLLdZ5BAnBFnlvMM4HQeJvrqJvmaPhgQBWFu2YAKF0hlifhnQE-49zQ0MSmBigHyJZgxFfNaqJVPjlyCQ2pUPcL97G9LOLkEhIickIxkiaKK8uXy7XgC4T_6MAqrBvwBnSFYIlkSFNfdt651PFspRf2uj-U447LVrC40qpLYwb88B8caaAyrEyA7J6I_Iop2ftBynyegQtwW0AbbXDnfTS3emf3TuUDhvvXPx1Rjpw6xvJjtd-UuZZedt8tN9Ug49onCNsnTWVfK-GUDbbLqlrcOdNtMtBs0Qsuecr4DpDFNs2_WwExYEKu3wt-GBQkcsVa5JsNp5yZ3wZ0sKATOCNlL-NHgBNcrkacEndb9SscT45hKzIUD1MIZ-eVjIshkSNsMMMorWs5_Rm56IvILMAEvfeP8LkE4AQBiAWDgvGETZIFBAgEGAGSBQQIBRgEoAYugAeXlKzSBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEELmkCtIIHQiAYRABGB0yAooCOgKAQEi9_cE6WJC_8ZWJ_4IDmglaaHR0cHM6Ly93d3cub3duZGF5cy5jb20vanAvamEvd2VsY29tZT91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPXBtYXgmdXRtX2NhbXBhaWduPUNoaWJhgAoDyAsBmAyP1or3wgSiDBgqFgoU5LSxAu61sQK1uLECrLqxAru7sQLaDBEKCxCwkvuFjPPIkJ8BEgIBA-INEwjDhfKVif-CAxX1JnsHHYjwCTG4E4ME2BMO0BUBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=CZT4yyIJ5e8&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaN0d2aQy5qOI-e1yMganI-l9Ec2Fzgf5ix-hYvRgZ6tAKxXPADNPWbmujLRedgAuoA7QRKT1WaLLdxqcn0Rrl3_1TiKVHD6c2nCxgB&template_id=515&cbvp=2&vis=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 08 Dec 2023 05:08:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 1330
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CcmHvxaRyZeHGN_XN7OsPiOGniAPd6vfUdLLsk47HEWQQASDSzIEaYInLwoTwE6ABzpeg8ynIAQmpAnpnOnF-yj0-4AIAqAMByAPLBKoEtAJP0LwPITLLdZ5BAnBFnlvMM4HQeJvrqJvm...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f9ed04407bb7890000000000000000%22,%222%22:%220xa49d184aecb3f81f0000000000000000%22,%223%22:%220xbb53420...

0
0

155ms
56ms

Fetch
text/css

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f9ed04407bb7890000000000000000%22,%222%22:%220xa49d184aecb3f81f0000000000000000%22,%223%22:%220xbb534206ab6b43450000000000000000%22,%224%22:%220x3bbc3e779d1178e50000000000000000%22,%225%22:%220xe86d43ee1b09863f0000000000000000%22},%22debug_key%22:%2217934328409405101120%22,%22debug_reporting%22:true,%22destination%22:%22https://owndays.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211247553486%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214654918752038539921%22}&andc=true

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:24 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x9f9ed04407bb7890000000000000000","2":"0xa49d184aecb3f81f0000000000000000","3":"0xbb534206ab6b43450000000000000000","4":"0x3bbc3e779d1178e50000000000000000","5":"0xe86d43ee1b09863f0000000000000000"},"debug_key":"17934328409405101120","debug_reporting":true,"destination":"https://owndays.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11247553486"],"4":["12-08"],"6":["true"]},"priority":"500","source_event_id":"14654918752038539921"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 08 Dec 2023 05:08:24 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 08 Dec 2023 05:08:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9f9ed04407bb7890000000000000000","2":"0xa49d184aecb3f81f0000000000000000","3":"0xbb534206ab6b43450000000000000000","4":"0x3bbc3e779d1178e50000000000000000","5":"0xe86d43ee1b09863f0000000000000000"},"debug_key":"17934328409405101120","debug_reporting":true,"destination":"https://owndays.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11247553486"],"4":["12-08"],"6":["true"]},"priority":"500","source_event_id":"14654918752038539921"}&andc=true
access-control-allow-origin: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 font
fonts.gstatic.com/l/ Frame 333C 23 KB
23 KB 523ms
143ms Font
text/html 142.250.196.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400%2C500&text=%E6%B4%A5Y%EF%BC%915%E5%88%869d%E3%82%AAD%202%E3%81%86%E3%81%AA%E3%83%8BO%E9%96%8B%E3%83%AB%E5%8E%9F%E7%AF%89%E3%82%92%E3%83%A1%E3%83%B3%E5%AF%8C%E5%9C%B0%E6%9C%A8%E4%B8%811%E6%99%82%E3%82%A4%EF%BD%9EN%E3%82%AC0%E8%A5%BF%E9%9D%92%E3%83%A6%E3%81%8F%E3%81%A1F%E3%81%AF%E3%83%A2%E7%9B%AE%E3%83%BC%E5%B8%82%E3%82%89ASe%E3%83%8D%EF%BC%94%E2%88%92%E8%B2%B7%E5%8F%B0%EF%BC%9F%E6%9B%B4W3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f3.1e100.net

Software

ESF /

Resource Hash

b943416e663e1b110b046b8abd2cd2b8b2cc6267f77293d27d6bc3e31e59cdc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 06:32:23 GMT
x-content-type-options: nosniff
age: 81360
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23140
x-xss-protection: 0
last-modified: Tue, 02 May 2023 23:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 07 Dec 2023 06:32:23 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 333C 33 KB
33 KB 479ms
99ms Font
font/woff2 142.250.196.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 09:32:29 GMT
x-content-type-options: nosniff
age: 502554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 09:32:29 GMT

OPTIONS
H2 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 377ms
75ms Preflight
text/html 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=CVzE7xaRyZd3GN_XN7OsPiOGniAPd6vfUdLLsk47HEWQQASDSzIEaYInLwoTwE6ABzpeg8ynIAQmpAnpnOnF-yj0-4AIAqAMByAPLBKoErwJP0P1vsCOT3GAhqx7zyLRvqCWpokPAoSiBG_-NiUFq1sk9-OLPQBU8VWBmWF4jS16vLLhvnbCI5pKphRiBYHYOPUiduuiIrFJmvJCfdzN1y81zSm68Lj9TtFj2sWPBfP8-tQf-SQowOmSgE3K4eeNZbLWUe5O8eqc0SpsP4viTA89z9dgNq26HwSsF9qwdXjQ-rrHM117ZH-op7V5ka78DL-ldMyfggfTuMh6hPR4EXJNFMpU3RD2_LJ5gdUA3qzBKJie7Y1SFJ3A7wYTU-YkMROfjW1KsR6c8D-wkZYZTZXo5NzMMqvJpZ-GKjhfJqTsPvr4IUO3HZbJ2u-2DVYhZIr055taNm4Y72bNIvRamonL8rbU12O-d2rCUXtFufWo1U3gWz5qUTm8bs7hidfPABL33j_C5BOAEAYgFg4LxhE2SBQQIBBgBkgUECAUYBKAGLoAHl5Ss0gSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDdoQbSCB0IgGEQARgdMgKKAjoCgEBIvf3BOliQv_GVif-CA5oJWmh0dHBzOi8vd3d3Lm93bmRheXMuY29tL2pwL2phL3dlbGNvbWU_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1wbWF4JnV0bV9jYW1wYWlnbj1DaGliYYAKA8gLAZgMj9aK98IEogwYKhYKFOS0sQLutbECtbixAqy6sQK7u7EC2gwQCgoQ8POT6OG5osx9EgIBA-INEwi_hfKVif-CAxX1JnsHHYjwCTG4E4ME2BMO0BUBgBcBshceChwIABIUcHViLTQxMjY1NTQ3NzkzOTM5ODYY4swZ&sigh=D-XReZEnxns&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaN0d2aQy5qOI-e1yMganI-l9Ec2Fzgf5ix-hYvRgZ6tAKxXPADNPWbmujLRedgAuoA7QRKT1WaLLdxqcn0Rrl3_1TiKVHD6c2nCxgB&template_id=515&cbvp=2&vis=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 08 Dec 2023 05:08:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 333C
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=CVzE7xaRyZd3GN_XN7OsPiOGniAPd6vfUdLLsk47HEWQQASDSzIEaYInLwoTwE6ABzpeg8ynIAQmpAnpnOnF-yj0-4AIAqAMByAPLBKoErwJP0P1vsCOT3GAhqx7zyLRvqCWpokPAoSiB...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f9ed04407bb7890000000000000000%22,%222%22:%220xa49d184aecb3f81f0000000000000000%22,%223%22:%220xbb53420...

0
0

112ms
55ms

Fetch
text/css

142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f9ed04407bb7890000000000000000%22,%222%22:%220xa49d184aecb3f81f0000000000000000%22,%223%22:%220xbb534206ab6b43450000000000000000%22,%224%22:%220x3bbc3e779d1178e50000000000000000%22,%225%22:%220xe86d43ee1b09863f0000000000000000%22},%22debug_key%22:%2211575194169130789007%22,%22debug_reporting%22:true,%22destination%22:%22https://owndays.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211247553486%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214456626553910491073%22}&andc=true

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:24 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x9f9ed04407bb7890000000000000000","2":"0xa49d184aecb3f81f0000000000000000","3":"0xbb534206ab6b43450000000000000000","4":"0x3bbc3e779d1178e50000000000000000","5":"0xe86d43ee1b09863f0000000000000000"},"debug_key":"11575194169130789007","debug_reporting":true,"destination":"https://owndays.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11247553486"],"4":["12-08"],"6":["true"]},"priority":"500","source_event_id":"14456626553910491073"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 08 Dec 2023 05:08:24 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 08 Dec 2023 05:08:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9f9ed04407bb7890000000000000000","2":"0xa49d184aecb3f81f0000000000000000","3":"0xbb534206ab6b43450000000000000000","4":"0x3bbc3e779d1178e50000000000000000","5":"0xe86d43ee1b09863f0000000000000000"},"debug_key":"11575194169130789007","debug_reporting":true,"destination":"https://owndays.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11247553486"],"4":["12-08"],"6":["true"]},"priority":"500","source_event_id":"14456626553910491073"}&andc=true
access-control-allow-origin: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 279F 51 KB
20 KB 238ms
237ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 19:07:20 GMT

GET
H2 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 0D1A 51 KB
19 KB 265ms
264ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:07:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 19:07:20 GMT

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 2582
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=ifMVrsmeDKiAk4aQx6RyZQ

2 B
130 B

99ms
98ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=ifMVrsmeDKiAk4aQx6RyZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 08 Dec 2023 05:08:23 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=ifMVrsmeDKiAk4aQx6RyZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 2582 13 KB
13 KB 182ms
182ms Script
application/javascript 143.204.126.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14210&rf=https%3A%2F%2Freurl.cc%2FgaOWLp&n=258&o=1&fc=undefined&d=1&b=2&ts=1&ii=2&FPCK=5333-73CZljTmPZJ4wmbELHII8jkBBSVLkD6j&fp_uuid=5333-176568ad236039a8f1b54e6d43cb41e6&initver=230627P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-128.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id: sfdFHmFdC8YPCZiGqqMtE7USitFZTlzr
date: Fri, 08 Dec 2023 05:08:23 GMT
via: 1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
last-modified: Mon, 02 Oct 2023 08:54:55 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 34
x-amz-server-side-encryption: AES256
etag: "dcf480340ca4b65dc9aa76bd9e677036"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 13033
x-amz-cf-id: 8LiQ99pIQEQLtQm78rtShFez-WtevQ-7LK58Lwraw1__6jPEMi7ieQ==

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 2582 0
171 B 468ms
231ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 08 Dec 2023 05:08:23 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 2582 5 KB
3 KB 47ms
47ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20231115

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Fri, 08 Dec 2023 05:18:23 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 2582 36 B
401 B 73ms
72ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

b68e2e2ce01e9e10fce144866719f5ad3bd6c37c44f57f7682c20d25e229a33d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 2582
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=APd_7tM1Bwmjt1uBx6RyZQ

2 B
159 B

58ms
57ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=APd_7tM1Bwmjt1uBx6RyZQ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Fri, 08 Dec 2023 05:08:23 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=APd_7tM1Bwmjt1uBx6RyZQ
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C1C 0
58 B 178ms
178ms Ping
image/gif 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5266501082883&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C1C 0
47 B 174ms
174ms Ping
image/gif 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5266501082883&version=m202309260101&ct=77&x=1&cor=3503317274754980400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7C1C 20 KB
14 KB 148ms
147ms Script
text/javascript 172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CczU0OkdE07OQO7ZcOOtF-Yu038RsPtEPjHuK3vrLW6RNcCEfIzU1XeXhMKTYApQq7Q5Jxb6y0aEa5WSbYRe-ye8ldlgcxOjakbdOGLXdbuA7dy17FmBIL1wxUsbCxjSXqh49BMdpT2sTjc3nge3cjm4kvi7T3nO-QQ4FQLmtsLGA9nfI&cry=1&dbm_d=AKAmf-BhVjekuuGztxyIYHBrS2SQBfJXsON2XMxnG7_QSIrgMe3rHGv-nQjsZ9-lMDyW58F0WrtA7PtdZXiYm7AAlT8B207mWXHj7lNZPUAIv2zvhz_Gl00QZC_sFN7W1Erag3t-dWx513YTKhTkyJhT_DvBFHd0KmBxUK_h0EA3J95-Gh0h5SZQ1x1_XmBwAFJ83TzuNBcL2ICbFuP_BZjt1zNv6f9E0ggCxe_9-HeYxWrC9HuLXhHMGdTXXbDAEQHz0TC28zmxzYaCjAK4g84xnH3Bkw0u9HuZ-y8t3jx6CmD0erwqCowZWRvXSGpmjTk4crrZtV8MZ-lM-segSF1cRCRW3CN52Udakpqw-X9xYGXB-GbHfg1zouLbORl-CzeIzG634ioDsikxWMrfgI8DWYcWFflYe7NB44VxPMNQO69CQLFhvnnYLo98zEP6pIpJzz3aGD9qd4-2QiVgw_bnCTSULVPzt0knI7PY90oRi09nVAIjgp1APDZ9xqkzZH4oqY-rV8gJXp4ktS3ObMRxb_GYzkwIM5Eau3i7JFblFJQyr4qvt7ScmVyl9XgggV8LyS8zQOOavxoBqxxClL2IRKdKCW1oxkx57iSuMmuJC1yZgev1lbeSl5sZ402u119BFLYTs17Pit7Sjzk-iCSIyekXaKGXb8Ku-HDnp9H2RdBmQEDQLs_WPzVRTkZ7VcQ8SPXx871Pgbnuaydbgs3EaQAm2Ti43ZRtBPQcruGISGbvJycY5-qtPOtFbOEYBxUn-EaHF2v68aLmztop5LQNZl9eLjXpUp2fBDnhEXdGnnwQtWnIsUsqMjaygryN-DGD_me_R9CHGDz1QqXCO04IiBSw7TLy_GCfRqNylZlG47V-gteduZtxT6GgrPBwvb3v2m6DdWnkmdVfx13J93tMyoonBEHEtAkyBMAEEXXDHbNzQiNmVpORq52KRQwEp2mXAll1lLciNknQOLRLFySkOm7qsYH1Qbneb9Xm-1_9TP2B38kIxCkQwaM4XeHmEA97YdqjcLR2Vtjid6KbjS7MFnrAYPHlBmgccTzW_60YlMvLfx7LVrfdrwo9waa9QpB4drWEgMfjsGE8EOoj4CZN9IZBq8ep0PqNt-9eS-3kvXLnHU-SRXHntrroLldlOolvaEG_LuTJDLwD9M7MHkI-ZF-qDzaWfmNP4uvRVADa2CwNskBxYow9t0NgJQ9LrZcS4Mv913HB5w4d3kJsvUlVnB_rMMgvWE_sJLOGyosIJ0AO1bUKHgdYVbF9Jix7WhGGMfYxt9nv-6PAHUsLPRpsXdSYvpbsD7BgAwVLmeXPSRWTes3W7ZqUgYneto7OK69CNNtXGuxJA7wStf5e2RWlk9O9bUqIqKQ5F-FpqMn10dzVCwXQKlPc90KB074KnXnJEgDRFDbo-KV3Ma3m8eEQW6gsYwOKRooQdiM9dMXamAPn_HxPnX6wOCISOYNYGcHWG1SidcEF2z3SQmRTqrM-KHWBoQmR8gcF--bfYLpbTXeXFOM4NvxOyoxAk_PV90ueSAbqUlqgNi2STSNYhqgOedIm3D2Bztd8hKz1uFrLiQet9rCBfQF44Ub1TBvTMrxw9wMqccINA55KK8I6tSKeh_dxxpEZJkLYqigop93qyYukiWyBYE1qQlRfuiPJddxd-LOWX4bwV1NvaUpp8nSaR61RdRC3WqdVagSK6DNMQBXm_Nb3gTKZ8rq-3PwVusdJTrd_EAe2JACFRiSGXxNdQzkUvLW2P8LUYy-LbQW0pg526JwkBOGjDD_I516nNM7nwad_BcPuhC_4zO0PEQzmSI0csRj293qXpzeusPYDDq-uBJW-MtmiOliH6EdcB9U8g6ZcwLlvLJ59V7Xtjbn3aTDFBeJuK0pmdiD59OB93Tev_G1_dELJ-erT8KinIOZs4m6AmoDnSF8cEz8wiCFI2nM5DpZCHQ3LLdDCuvdsxt9WW1GEFyZuToPSZqEK0sNVij1vmhDDxThYkeG1JpnRSBj84_UydiCmnCjSp0BM-XwM5QfVPywG9qwvpyE9XJrq5C87FuIXLYLoaWligd66XPbx-zM5G1_UHHkHOwKWlilxhzO5W6AVQ2Co0t1H7eude4e1USLB_XmoCyyKrAEXpn_CAbh7VdNdGbiKj5FEGQxJsXSQ1i2Hata__PUWmdGcMbFPcnRPaZwkbtXBXINPVYq2-O2kVyTDmOfUr92p7SgO70TcJnEhcnRmQvB_UW4s5hN-i72pVt7_CEPdigD5xDM6oED3ioxknwXjBYTBWDTKM71yvquOr7vZ8At8Mm2JSCVYTUCst2TW7R_bBMYQj41FNfXV4UcTeh6Q2vpVL0E3r0Fbukch03STQZ_8jy1ZBTW09jyCogCGPhUK80K89sDAxYlx7rNB35TwKlqP83l53RR2uV6xo7nx9qU59oZxFSVY6lVnkbhO11OYhZ_iSbJ024zQg4do72pHiO-NOkqUSd6ig03myxorwR_BvgFBkGhqMqFfdDsSGhybCowTTaVz-mlCZ69y8oEzfyVcmfRP1yJRuVMKmaYzZ1mCLZ3vbmfIT5n6HMDBr9cp43fqe4NsW8xFRpALgy6KRP5-2WNvlfiLF1W7UwVNJyHv5zNJ9gS4zai14-UZo_aL0hdBsGcp38qaG14ECmLFFDQqbcivnxRTO0qEIJ4P4z4VJ3ahw5C0FaLgufrfJA_tMDX9hbnV1j4sO2Z42PaXkl2acWm1lQBe94D8DGBuplXx9ItR7QSCV3muUuD9uUDxK2xwhg4o7i0Mo6T7EazGi1i87kEdviJ5oH-xV0S1qSxHOYkDi0hehji_DPMmMVEVeSJEwk_SvEyYWOJgSFFi-IIFNL9cPwlJqDUqWKnCEIsCtAGCtaLriZaXc2hsMJa6bjltq14WTMBTI50i_vYLjTHxxW7X0m_cB5kCxV1mb-Uv5_H9xIih1q0EYGWnP4Y8roBMhBQ0JRaD70ONcSjyemXIVFjy7UW8Ul6MPqdYjzuVKbZJip8_NdmYXYHFKt_qxyRkciRkKg4eRKy7_2lV14QDg56PJfMEOMTKBiwGQITWog5l21XfC8_fjYJUIbG6KYYDIlxuTRMYGYp0FYhuMZXVULnxACpIHVkbzH55ELh6Q1_CGwi9eCJS_BaYiSlI4q6D4s-iPisak15c1DDKazKakqIlOCzif12d3SL8WDxdI-xRxIMtN1KvnZ0zu7btJn2eZTVZKznIR4XoJvrwqQoTmo2J2xv_AIY6uaIcfMDJy5VE31pqr24bQtWK3_5X2Nm1yarN5n9nk_u6n-OFDLZsww9wj5UF3kp_PMp3oILik9Ls0qAyyzqdflsfAO_e2OJJRgzag0kWoTN7XQHsI9cALk8uyD4Bno9lwi8PvJoXkKbwObrNc6TFAWOdUbH6dATTwDDQ8Bqp4I9xyv9x_kB3HiD-BxZkxQEEdGAR-jwdrBKT3BDLLZD20EZbV67eYL7_d3FrS6ZsnBXqANozu3nE-ccO8lg0SsTYEekrH_mxZX9jleId0p8Bj51RLVRot-J0FCBN1bM10-ugF_mOtbYj8a8qiZNn3tWD5mU7dcSuElRAhMsDhj1sh6r66T_n6s3xkeTnCfSfMhJNp1p3KwFDcoZogILHj44jgiUzp046yJPIiLzttn5dvfo0erJqu5UoDONIZsA58bOAlD1BXTqMxZOKlj-GvybiLplugtogyh4oGqx_ERFinwUBzDTUrmsoCVbO0LwDz1vjDhfGETjfgDMLvBuTV5MaKjGrkkjDqpAZBr193jJVayYpNPwhWPCu5ZbY9lE0_WD-YE_enQl1hEfIRqpyFxrWZTWSG6zivEdMsNDLgfyb86EV3ZpQkKbD-8MiM4ctO6PeKBDUu5BioJOw6o0ezIn24Sckf6m0EiXQvttQZY8z8Z6X0CdiZ-YNk5prz8YFb4lPXs5MPzAqx6i0E4pBAQJPashVwIyPEod7muF1CAzEoS4qkgACXc4aL1DzozBRUrOZ44D7DoYsR63Qt4xDFMerogkp0PiSxV_j0_KlC55yE1JlR3DXFBcK1qoGHA9Dsbe8p055yPVd6KFrlzhOXwI8GhmWVQ-NTtYDlny7G-LRWdCoAwc1vu9Iiea534i7Zifqelp1gbyhnScnbtSaGmiInamUBt4wmGTmUQYwZXOlbW0pPA6LlIGACDNVsGdTlizsJfR3doNEtWwxVlQaKPCVDLYuEm-XTGte2M01qGLm&cid=CAQSTgDICaaN0d2aQy5qOI-e1yMganI-l9Ec2Fzgf5ix-hYvRgZ6tAKxXPADNPWbmujLRedgAuoA7QRKT1WaLLdxqcn0Rrl3_1TiKVHD6c2nCxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=3503317274754980400&adk=1964084971&idt=819&cac=0&dtd=31

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

cafe /

Resource Hash

4d8962e57f0fa84f1e0b262b33727e3242ecd9b9d0d45d30121920a7737ddceb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13688
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 2582 30 B
271 B 76ms
75ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=68c355f7-9a7a-4602-ad1f-bb774a29aaa3

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, private
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 2582 0
187 B 425ms
31ms XHR
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=145&profileId=184&bundle=XHz9ZF9MJTJGdFpJUTVINUllSllobmo4QnpSbm15T2drRFdtdUM4QW05Q3Q1d2liT3hobmZUNTdFSW1USkx6Q1k4WUM4U2pvTjl0RlFkMEtNJTJGcTkxU0hyZnR1NlQySnlES3B6Q0lVd2IzJTJCS0htTlhFQm5jaWxVbThsZDN2eFRmWmR5eHpVTmFCTVd5UU9NSXVUUjBBODJhRFByaHclM0QlM0Q&cb=10227622108

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 08 Dec 2023 05:08:23 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 66E3 0
56 B 58ms
58ms Ping
image/gif 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5148522527707&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 66E3 0
56 B 71ms
70ms Ping
image/gif 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5148522527707&version=m202309260101&ct=77&x=1&cor=4703141127577787000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 66E3 20 KB
14 KB 179ms
178ms Script
text/javascript 172.217.175.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRh6uN2sXOjlxM6MA91lK-7WXS_201aZbg6fUB2eh8ZBKmGTLYqb4MkAlzlcEgIRoCuaC-ZStAh-Fim6L563s4ZiOWGA2Qgw1yfJn-tRoVSY1leAQhqki6b_4GuxZEvn361itfKRTF_EmLZKsmlYUMpqENpWYAPQ_hZx5g-hoXl3SzXTk&cry=1&dbm_d=AKAmf-B1Yif9GSPfGmLJTKI4k-U6puMY1xM5BK6yl1gShfzitFw_r9_QnRgDnVFe-Al7NyeOJL0lTdkW0va2HQm8VwT_AK9vn5AQ58IVKV4IUGKV5I3LQUI1IcNgvBCx5nhanXbEbirX7eduqoBV6gfjvA4vP4ajdwMtmp6xqtCMj_d-N_tfYKua7fqFsSwUnwd9SCcRLFIUcF-cVlcKbJdEiOsWoU9e9ZwZaCBPCRFT0oawPw7fBTBZZevuaSjKXEG9jMtN-sI3jArto-VljncdOdC4tH5q8Yrm-AknYWHYm8xMEpYhU-cGyIQTdQJP1tgElqQbdVF-GoewC5RteSjZUhfiF609lnO44f4GaWSC0ps4YLw1yYgiJP8RUr9yuXp6lkzPGZ4cd7LRZ_9bNr27ekeMQNECLtm-JqDjgOPxPjGv4eQEGWsNolzsNVgqRP_MXG--TCkJ_gya6-XdKY_HnPddgqlEvr0o2N9HvZfgox3dwiMTSLlz6gdAmUdxLCOqk1v469wVcT33xkpIHug4B-lEdXH1-5YoABRndBZkBwJj-Z35mSOuxIe5K8m1wZHHOqN3nzlID3pl4Za4BAssxz6u_Psv6AsIa-KMC0SmjZ03bW5qsxmx9_EZ_1efwAwoJ4sXUQs9ABt1eJ1SoQ46zqXwK9be5pD16O_aZmM8WN7nVDljonSTeuRlWovny1EZuZmZoVoQQ_AJdtH8xwvxQFsU-38ixgGItUDYq8J7fY3CmjwuLaPZFHad6PhNHIyE66HjO95btyBYvow3AEFEwrleXW8k55exxMh_AybUriqyRDk4hAy2mLQ_LtgYX1gS_hGfWG2nbzB94qfuSbfpwmw7q7S58vs_izpfV7VCRQjVJzSWEfS3wz6a25yT9dWXk5nCIuBMtFcIL8Y_A0f8wQDX7MBNpW3hg6p-M7kivCoAC0h0ldxyKBrY_PRBc52A0rDYHOdmvqf63POje13Kbj9ZzqGeNCAtaLFoOdNUS_C7_lCRykx0uwnopP455DV-yGF86xz0NvS7o02lwdb7VsCZUMSWw6KPsbfB_Sd23jctx-hox47vcuujKUzIY8pvXhqNQk-ef_6NB5YWv_yF9h89BvUtNGH58jVw-N63puTQG2Fl0OCOTcH-nobw-8fX0n4Q3qPeHzZ-v4fD65gI2OxlSdFqUEgHMZ4I9GCkSG008jWhfUsgrgR0qVR2ZknCvBOfQQqO-Yj6yrR0OZOxQ_inn65KVsQ3HqEKGaXjCMJhGUxtsSQiS6iZyWzn1izoBzZ2lBq9pIwIaHZgRLhqT6AX2tcT2_dg127sfvJMlWxFVPOcMethC6SVEnykr4hwsQKueTuZsHw5m9DsW4oDRTj8aBS4Pm7gcqYe76om-imK520xENko6W-scPh4hzwOr8bT60Moc3mdxmLoyGdGVyrfWNIPgg5--sb-ugbGmmiYHfPRU2HZqXP87YN0efrQlszpadoiVUDE_QVcjizSC3adedP3HaOfO2VKX5gjW4fmCsWAH-xgK9boXs5M-iGv9IhtBgVtBAFZG-a0XjuGlQcnGJZ4YKNch-IWMUsPj2dT5kP0EgOri-4TMOgoqEjZ6qc_zoh1qp1ke0L8IBSt8OzDfIOj0yHMZL0llhpVLiqJTDIXYGxKSci05DVy1OirGeQbY9BZ1NtkfPF1ZWNESWzRwFBDZ3dgaZmeEHbXkb7zOhyUYQEpISRVnQbjndQBJO5t8lyIgJBZnRQ-6CZ4skJpPejteNUVH0nQePkYk6vMGvJeJ4SScCSYJfhsKoFtF3WnWNSkqaYLG2ngmEeFo3cYyb3oYscilj38C3cOOiw8IovEXuXUwwhR-daxTbXNGznQGPbzK9SlWk7bgRkF1QMKjtL87NiJM2DKJROaLMDfz8czwivb55lWepbQbqCl3_itNNYTWCSfLAUCbY-kfLK3Aq7_Uf8hRzX3gRqPlh5uOONXNRRnzp3kTzp-DjPVkLj-nv69VRgPWmUNvLXzmVC3PojXLvx1ZjdAv9uiEnW_V5OEMolYEsxPp21vTfm7v97cxpyUIdHrbjRM4JYZWxVPASRWRT9Cvxs_jzkDwTlhLAdguUTWUMUvMP0c3CanXdPfosRcCpGURUPhMa5FiZSE-rMOb_MpUh1h0uQIrQcuXW8ffb_qaYmkyeDOitCdH_klz2zYra6SSjj_8s_Qc3AdAU-cOX9_AcCK84mUMMhT4OqgfcFz0AFJZpDIukIZ-rsY9JrMAypp2NpQUHaKk3mXG_ynrnYs1Dk0aETXdkm9KYHzHi4yQtQgl9spu_yRXfWDa3zTIoka7xQiCDGTjs9EifhmuzocV4C3wMtE6ft_i6a5AEg5MME6xLFmZc8oUxwMWUEztTHqwAjEkqBAa9pupWAgTCUdYs3hUR_JsIhu6_8JDV8uLeKqiqGpXNC6gCia_LS8E6JgXfdaQMKTn5Mcki_dm_Ygu9AnWZ1t59Ffsk2f6UqSjRTLRgTG6X7dnyvl9MXIMHVOxGb8KXNN1Cxo6wuRLnIiDlBblRvaVQmbvAAbXTOuyxMpnPpKY3eQw6AT935G4v6Oi2Y1cLHW_Qnj4UctOcwY0Cd7YF2H2yrdbyTKHUe3FRkCy4TM93JaiAWn_Q1TZAK2CJXmPSrAqU3ziwvePOtQgMP0THDKIf2NWABf353Qp802ZzlVEqGOi8TFCRZHkVzXe0VQkjdOoWv7y84J0eldah2zUYLPVNJlMs_nG7R5yJkk8Xt_SzjXsZQUtHDgcwvjlYWq8Lmh5gtVdlYsWaHnwuB8dY_5Ya587-p1x6LlnZCiJHjU6PeUUXXGfmXWO40QeJAvTydAVBPD6qyEqb8W9U5ZdCr-je2_jODHWhk6mWuUQdha1GCfrACT1MRzRmHIef3eDpxotSb6ZcN6dGH2r7LlOnNnShpvcMLbk8McyTf8IC9UPbyXNZxvRTVGrcpzxJMlEZMqqvOZnXy0HQhXmeNi68SU5NDDxlRDu5ATBNBV3whhLImdok4eEVn_DlXZPCHE60rrcV-rXf69-H0MZ5racxRvtP9pue39Gholh3sABbVIm4p3jXNo9F8C3YivrVP02nYCSOrVGwHgpPR0lgIKahrKAka1h9M5ta_Nm9izJ2ZPZhqHr02XrkulG-U-W8Xptw7Po6Q930o3rWJcpKXdY41Fr8dgJVZnNUx3NAqLEY6aop7XWc5wKLBJVUOleKN4fOSz3dvBUFrnV63gtgOy26ZhE24Q1M64RCBoRiNzFTO87BWuPSgUPZ1AGAS5mDo3-X_zgUMRNwYcbZOEVCJYJHgAC0i2QY1q3FuTMSAZxmOFCqIZTWsz0fnSMiT__B__GenOfrYhEw7Yx9lYcL3OoCe-X8BcdcNZ0AuKiyjmo2kx_ZaC45lWE9Jl5g5wngarfEMKFy9XsGRTDxTP8oJfNRK07RSOxc9A9yVQJD0kD9NMH7hp5B8e8Hewt9bdjFebFHH223G6FYp_-rpib2s9um1WjBqGarmK_A_105UaU60hnvhkf-lgd1ws-ILsmw_zeNT9NkUF6tLZpqEYEXRwXFjolKgiMoCGP8RcjU1crbALPL5CBai1lWEhoQdKwEsElrWLZmO2Y6o6tJkaAMXKYKyc3fduZNHWjUA85I_uFLM5PdeUt_tEFsIDu8Jp5aiS-Qp9DNAXEpnRoua57EZaQbN9QT51P-dIQQSac7nGpWfKOIgnFkSFS4Q2EWK3tqyBQr3HJASuzexj8ENgBAeMNVteiao310PZ1w4Hg5M2vparDhYyi0bwa0cXliHz6DXhb0jCamC_j1VA_G3tm76-yWedg0NMKqsTsafomz4ypiWz3r1zUgQOb9OissCpJOm1a8OPcUoNjowNtAskIxX05x6coW1ZjjM8CaNNNmdUqOiNLNRLmJG7KjeLlkTAe7LMIhvqvMpfuYr_Pdv-NrvJ6bN8C8u3VejdPG53pYWOmxd2H3uLiBKNaCikXehT2XrWXjErfW2jIp4w3MJH4JolowCu-SrXXCDjtyWblI1Gaw6qJfoU7C-zOx7l8l7jOMkLnha7PzM2R_6VVOFj5x5dq1OVRMm13vwdcQ1XDp0C3o98eUq1Ky-bi2wJftqwtOlwTQyQ15kZPHNFEXydqvOFX9tBH9ggYjkJRao4Lz1PtEDo4dBtruAqy_218_1GofmS9SV_pOGuohlsd6jCmBOODxMhZ59hcqnVGqRyqFUKnsiEOm_XgMGjbKAO&cid=CAQSTgDICaaN0d2aQy5qOI-e1yMganI-l9Ec2Fzgf5ix-hYvRgZ6tAKxXPADNPWbmujLRedgAuoA7QRKT1WaLLdxqcn0Rrl3_1TiKVHD6c2nCxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=4703141127577787000&adk=2228999114&idt=915&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.175.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt20s20-in-f2.1e100.net

Software

cafe /

Resource Hash

c12ca0ed450cdca9f3942e65f175998fadd6f34987d4bc551d4476397cbe87ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13874
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cors Show response
rt.ad-score.com/score/ 48 B
591 B 814ms
213ms XHR
text/plain 35.208.216.174
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rt.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=reurl.cc&l1=7942&l2=reurl.cc&l3=JP&l4=desktop&l5=5.832&cb=0.8656350677390579
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 35.208.216.174 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 174.216.208.35.bc.googleusercontent.com
Software: /
Resource Hash: 6edd68731e514566c05a3e9332505817102a8b5db834a80176856647b4162ad9

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:24 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://reurl.cc
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 48

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7C1C 41 KB
14 KB 43ms
41ms Script
text/javascript 172.217.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CczU0OkdE07OQO7ZcOOtF-Yu038RsPtEPjHuK3vrLW6RNcCEfIzU1XeXhMKTYApQq7Q5Jxb6y0aEa5WSbYRe-ye8ldlgcxOjakbdOGLXdbuA7dy17FmBIL1wxUsbCxjSXqh49BMdpT2sTjc3nge3cjm4kvi7T3nO-QQ4FQLmtsLGA9nfI&cry=1&dbm_d=AKAmf-BhVjekuuGztxyIYHBrS2SQBfJXsON2XMxnG7_QSIrgMe3rHGv-nQjsZ9-lMDyW58F0WrtA7PtdZXiYm7AAlT8B207mWXHj7lNZPUAIv2zvhz_Gl00QZC_sFN7W1Erag3t-dWx513YTKhTkyJhT_DvBFHd0KmBxUK_h0EA3J95-Gh0h5SZQ1x1_XmBwAFJ83TzuNBcL2ICbFuP_BZjt1zNv6f9E0ggCxe_9-HeYxWrC9HuLXhHMGdTXXbDAEQHz0TC28zmxzYaCjAK4g84xnH3Bkw0u9HuZ-y8t3jx6CmD0erwqCowZWRvXSGpmjTk4crrZtV8MZ-lM-segSF1cRCRW3CN52Udakpqw-X9xYGXB-GbHfg1zouLbORl-CzeIzG634ioDsikxWMrfgI8DWYcWFflYe7NB44VxPMNQO69CQLFhvnnYLo98zEP6pIpJzz3aGD9qd4-2QiVgw_bnCTSULVPzt0knI7PY90oRi09nVAIjgp1APDZ9xqkzZH4oqY-rV8gJXp4ktS3ObMRxb_GYzkwIM5Eau3i7JFblFJQyr4qvt7ScmVyl9XgggV8LyS8zQOOavxoBqxxClL2IRKdKCW1oxkx57iSuMmuJC1yZgev1lbeSl5sZ402u119BFLYTs17Pit7Sjzk-iCSIyekXaKGXb8Ku-HDnp9H2RdBmQEDQLs_WPzVRTkZ7VcQ8SPXx871Pgbnuaydbgs3EaQAm2Ti43ZRtBPQcruGISGbvJycY5-qtPOtFbOEYBxUn-EaHF2v68aLmztop5LQNZl9eLjXpUp2fBDnhEXdGnnwQtWnIsUsqMjaygryN-DGD_me_R9CHGDz1QqXCO04IiBSw7TLy_GCfRqNylZlG47V-gteduZtxT6GgrPBwvb3v2m6DdWnkmdVfx13J93tMyoonBEHEtAkyBMAEEXXDHbNzQiNmVpORq52KRQwEp2mXAll1lLciNknQOLRLFySkOm7qsYH1Qbneb9Xm-1_9TP2B38kIxCkQwaM4XeHmEA97YdqjcLR2Vtjid6KbjS7MFnrAYPHlBmgccTzW_60YlMvLfx7LVrfdrwo9waa9QpB4drWEgMfjsGE8EOoj4CZN9IZBq8ep0PqNt-9eS-3kvXLnHU-SRXHntrroLldlOolvaEG_LuTJDLwD9M7MHkI-ZF-qDzaWfmNP4uvRVADa2CwNskBxYow9t0NgJQ9LrZcS4Mv913HB5w4d3kJsvUlVnB_rMMgvWE_sJLOGyosIJ0AO1bUKHgdYVbF9Jix7WhGGMfYxt9nv-6PAHUsLPRpsXdSYvpbsD7BgAwVLmeXPSRWTes3W7ZqUgYneto7OK69CNNtXGuxJA7wStf5e2RWlk9O9bUqIqKQ5F-FpqMn10dzVCwXQKlPc90KB074KnXnJEgDRFDbo-KV3Ma3m8eEQW6gsYwOKRooQdiM9dMXamAPn_HxPnX6wOCISOYNYGcHWG1SidcEF2z3SQmRTqrM-KHWBoQmR8gcF--bfYLpbTXeXFOM4NvxOyoxAk_PV90ueSAbqUlqgNi2STSNYhqgOedIm3D2Bztd8hKz1uFrLiQet9rCBfQF44Ub1TBvTMrxw9wMqccINA55KK8I6tSKeh_dxxpEZJkLYqigop93qyYukiWyBYE1qQlRfuiPJddxd-LOWX4bwV1NvaUpp8nSaR61RdRC3WqdVagSK6DNMQBXm_Nb3gTKZ8rq-3PwVusdJTrd_EAe2JACFRiSGXxNdQzkUvLW2P8LUYy-LbQW0pg526JwkBOGjDD_I516nNM7nwad_BcPuhC_4zO0PEQzmSI0csRj293qXpzeusPYDDq-uBJW-MtmiOliH6EdcB9U8g6ZcwLlvLJ59V7Xtjbn3aTDFBeJuK0pmdiD59OB93Tev_G1_dELJ-erT8KinIOZs4m6AmoDnSF8cEz8wiCFI2nM5DpZCHQ3LLdDCuvdsxt9WW1GEFyZuToPSZqEK0sNVij1vmhDDxThYkeG1JpnRSBj84_UydiCmnCjSp0BM-XwM5QfVPywG9qwvpyE9XJrq5C87FuIXLYLoaWligd66XPbx-zM5G1_UHHkHOwKWlilxhzO5W6AVQ2Co0t1H7eude4e1USLB_XmoCyyKrAEXpn_CAbh7VdNdGbiKj5FEGQxJsXSQ1i2Hata__PUWmdGcMbFPcnRPaZwkbtXBXINPVYq2-O2kVyTDmOfUr92p7SgO70TcJnEhcnRmQvB_UW4s5hN-i72pVt7_CEPdigD5xDM6oED3ioxknwXjBYTBWDTKM71yvquOr7vZ8At8Mm2JSCVYTUCst2TW7R_bBMYQj41FNfXV4UcTeh6Q2vpVL0E3r0Fbukch03STQZ_8jy1ZBTW09jyCogCGPhUK80K89sDAxYlx7rNB35TwKlqP83l53RR2uV6xo7nx9qU59oZxFSVY6lVnkbhO11OYhZ_iSbJ024zQg4do72pHiO-NOkqUSd6ig03myxorwR_BvgFBkGhqMqFfdDsSGhybCowTTaVz-mlCZ69y8oEzfyVcmfRP1yJRuVMKmaYzZ1mCLZ3vbmfIT5n6HMDBr9cp43fqe4NsW8xFRpALgy6KRP5-2WNvlfiLF1W7UwVNJyHv5zNJ9gS4zai14-UZo_aL0hdBsGcp38qaG14ECmLFFDQqbcivnxRTO0qEIJ4P4z4VJ3ahw5C0FaLgufrfJA_tMDX9hbnV1j4sO2Z42PaXkl2acWm1lQBe94D8DGBuplXx9ItR7QSCV3muUuD9uUDxK2xwhg4o7i0Mo6T7EazGi1i87kEdviJ5oH-xV0S1qSxHOYkDi0hehji_DPMmMVEVeSJEwk_SvEyYWOJgSFFi-IIFNL9cPwlJqDUqWKnCEIsCtAGCtaLriZaXc2hsMJa6bjltq14WTMBTI50i_vYLjTHxxW7X0m_cB5kCxV1mb-Uv5_H9xIih1q0EYGWnP4Y8roBMhBQ0JRaD70ONcSjyemXIVFjy7UW8Ul6MPqdYjzuVKbZJip8_NdmYXYHFKt_qxyRkciRkKg4eRKy7_2lV14QDg56PJfMEOMTKBiwGQITWog5l21XfC8_fjYJUIbG6KYYDIlxuTRMYGYp0FYhuMZXVULnxACpIHVkbzH55ELh6Q1_CGwi9eCJS_BaYiSlI4q6D4s-iPisak15c1DDKazKakqIlOCzif12d3SL8WDxdI-xRxIMtN1KvnZ0zu7btJn2eZTVZKznIR4XoJvrwqQoTmo2J2xv_AIY6uaIcfMDJy5VE31pqr24bQtWK3_5X2Nm1yarN5n9nk_u6n-OFDLZsww9wj5UF3kp_PMp3oILik9Ls0qAyyzqdflsfAO_e2OJJRgzag0kWoTN7XQHsI9cALk8uyD4Bno9lwi8PvJoXkKbwObrNc6TFAWOdUbH6dATTwDDQ8Bqp4I9xyv9x_kB3HiD-BxZkxQEEdGAR-jwdrBKT3BDLLZD20EZbV67eYL7_d3FrS6ZsnBXqANozu3nE-ccO8lg0SsTYEekrH_mxZX9jleId0p8Bj51RLVRot-J0FCBN1bM10-ugF_mOtbYj8a8qiZNn3tWD5mU7dcSuElRAhMsDhj1sh6r66T_n6s3xkeTnCfSfMhJNp1p3KwFDcoZogILHj44jgiUzp046yJPIiLzttn5dvfo0erJqu5UoDONIZsA58bOAlD1BXTqMxZOKlj-GvybiLplugtogyh4oGqx_ERFinwUBzDTUrmsoCVbO0LwDz1vjDhfGETjfgDMLvBuTV5MaKjGrkkjDqpAZBr193jJVayYpNPwhWPCu5ZbY9lE0_WD-YE_enQl1hEfIRqpyFxrWZTWSG6zivEdMsNDLgfyb86EV3ZpQkKbD-8MiM4ctO6PeKBDUu5BioJOw6o0ezIn24Sckf6m0EiXQvttQZY8z8Z6X0CdiZ-YNk5prz8YFb4lPXs5MPzAqx6i0E4pBAQJPashVwIyPEod7muF1CAzEoS4qkgACXc4aL1DzozBRUrOZ44D7DoYsR63Qt4xDFMerogkp0PiSxV_j0_KlC55yE1JlR3DXFBcK1qoGHA9Dsbe8p055yPVd6KFrlzhOXwI8GhmWVQ-NTtYDlny7G-LRWdCoAwc1vu9Iiea534i7Zifqelp1gbyhnScnbtSaGmiInamUBt4wmGTmUQYwZXOlbW0pPA6LlIGACDNVsGdTlizsJfR3doNEtWwxVlQaKPCVDLYuEm-XTGte2M01qGLm&cid=CAQSTgDICaaN0d2aQy5qOI-e1yMganI-l9Ec2Fzgf5ix-hYvRgZ6tAKxXPADNPWbmujLRedgAuoA7QRKT1WaLLdxqcn0Rrl3_1TiKVHD6c2nCxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=3503317274754980400&adk=1964084971&idt=819&cac=0&dtd=31

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f1.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 14:48:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 224398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 14:48:25 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjAxMjEwMzY1MTg2OAogIHNlcnZlcl9pcDogMzQ1NTY1MTQKICBwcm9jZXNzX2lkOiAzOTc3MDk3NjEwCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIK...
ad.doubleclick.net/ddm/activity/ Frame 7C1C 0
859 B 200ms
64ms Image
image/png 142.251.42.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjAxMjEwMzY1MTg2OAogIHNlcnZlcl9pcDogMzQ1NTY1MTQKICBwcm9jZXNzX2lkOiAzOTc3MDk3NjEwCn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2Fkb2JlLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMzU1MDc1NjI3OTYwNjIwMjIwMwpkZWJ1Z19rZXk6IDE1MTIyNzU1MTcxODI1NzA0NDIzCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0wOCIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDkyMTIyNTIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzNjcxNjg2NTMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDc0MDA4NjA3NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxOTk5NjM3NTYxMQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQ4OTk4NDAwNAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZG9iZS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9mbGFzaHRhbGtpbmcuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZnJhbWUuaW8iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:23 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x31cf62f1e4c253f20000000000000000","13":"0x347436840beda26d0000000000000000","14":"0x20f3868c295d7f830000000000000000","15":"0xa282c7740a7d4de70000000000000000"},"debug_key":"15122755171825704423","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"13550756279606202203"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal124.js Show response
cdn.doubleverify.com/ Frame 7C1C 60 KB
20 KB 57ms
56ms Script
application/javascript 23.61.252.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115741&plc=4158900&sid=18330&dvregion=0&unit=300x250&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0i6paopvQHxhzuQmh7G7-IR&c1=3060631&auorder=1011537657&aulitem=19996375611&aucrtv=489984004&auxch=1&pltfrm=1&ausite=449233607217&turl=https://reurl.cc/gaOWLp&aubndl=&audeal=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.252.81 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-61-252-81.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: b1567c9af517c0e55991081919f4dc2263f00b8deea21f3c94087737d2401fc2

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2023 07:41:53 GMT
Server: UploadServer
ETag: "36b6087525da09e8974d3f2aa1f7282d"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19649
Expires: Sat, 07 Dec 2024 05:08:23 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 21CF 42 B
404 B 739ms
63ms Fetch
image/gif 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5ANuXx5KOSI80BdWLpPntvH2pYGq0gmIeIjejF_ZXYcKsQ9vj-UPU8imrci-XXAAm_lhDLlcAZ5GKRNLGQROd7lJqAuZ-gbydBxfkRw7xiRFl6Pu6bB4X-NSO86WtK0jpDQDV5ijtLw&sai=AMfl-YSfwDUkazzCKa_voir581EvZqQqnGn2pU81jhXwxbB-NWwtd-8&sig=Cg0ArKJSzH0H0g3iPNmEEAE&id=lidar2&mcvt=1000&p=1180,1599,1181,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=1.06&vu=1&app=0&itpl=19&adk=3261691140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702012102295&rpt=538&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 77AA 38 KB
13 KB 38ms
37ms Document
text/html 172.217.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f1.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 120228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 19:44:35 GMT
expires: Thu, 05 Dec 2024 19:44:35 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 7C1C 443 B
578 B 627ms
101ms Script
text/javascript 34.149.43.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_977181578739&jsTagObjCallback=__tagObject_callback_977181578739&num=6&ctx=1828362&cmp=115741&plc=4158900&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=977181578739&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&brid=3&brver=120&bridua=3&dup=null&ppid=103&auevent=ABAjH0i6paopvQHxhzuQmh7G7-IR&aucrtv=489984004&auorder=1011537657&ausite=449233607217&auxch=1&aulitem=19996375611&pltfrm=1&aufilter1=3060631&autt=1&c1=3060631&turl=https://reurl.cc/gaOWLp&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&m1=13&noc=4&fcifrms=10&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=171&eparams=DC4FC%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BAU2%3F4r92%3A%3Fl9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTaua3g3g_ae75b76_74%60%60hc77a_a_g2ge4e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=11.00&aubndl=&audeal=&callbackName=__verify_callback_977181578739
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 8d1249f16487fc936e14a5751f27641ea4e5f48fb119344b232293698d901d4d

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:24 GMT
Content-Encoding: br
X-DV-Response: 0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 12/07/2023 05:08:24

GET
H2 200 cm Show response
t.ssp.hinet.net/ Frame E15C 0
194 B 77ms
77ms XHR
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/cm?c=cf&cid=undefined&mp=68c355f7-9a7a-4602-ad1f-bb774a29aaa3

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 pixel
68c355f7-9a7a-4602-ad1f-bb774a29aaa3.t.ssp.hinet.net/ Frame E15C 0
79 B 147ms
51ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://68c355f7-9a7a-4602-ad1f-bb774a29aaa3.t.ssp.hinet.net/pixel?bd=68c355f7-9a7a-4602-ad1f-bb774a29aaa3&t=cf&referrer=https%3A%2F%2Freurl.cc

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: ja-JP
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:23 GMT
strict-transport-security: max-age=0
server: nginx
content-length: 0
content-type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 71ms
70ms Preflight
text/html 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 08 Dec 2023 05:08:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Live_Streaming.js Show response
cdn.holmesmind.com/js/modle/ Frame 2582 40 KB
40 KB 38ms
37ms Script
application/javascript 143.204.126.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-128.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c73f2b03af16458ad905f45a098d8861ec7b0a2480387a59195b4465aca25d02

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id: X_aLocCqsmqPAx2U1E3_4JQDn3OISwiD
date: Fri, 08 Dec 2023 05:08:23 GMT
via: 1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
last-modified: Fri, 25 Aug 2023 06:48:46 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 4
x-amz-server-side-encryption: AES256
etag: "d51f4efc881ddc4b5200ee509878d138"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 40584
x-amz-cf-id: a3wTOTHU4O1S2GmTMxYB9MHf9KDpdQbgTWgP4naEUpqHGO5_JzS71w==

GET
H2 200 cf.png
cdn.holmesmind.com/ Frame 2582 2 KB
3 KB 93ms
93ms Image
image/png 143.204.126.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/cf.png
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-128.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bca7ee31fc622c935a1ba3d3d012111f3aab926dc898ed011513fc7a9145f90e

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id: JXDsYp0MpCsC07xlgs6M6Edv23lP_HUM
date: Thu, 07 Dec 2023 18:58:10 GMT
via: 1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
last-modified: Mon, 19 Jun 2023 03:09:39 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 36614
x-amz-server-side-encryption: AES256
etag: "7cb0cc414e01c6f48a9eefee02d81959"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2399
x-amz-cf-id: mUV3NeKQUnZ1KtJQX8_R4oEbY8qt64kTr3U_Gqg-bfvEQBWZBFoERw==

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 59ms
59ms Preflight
text/html 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9f9ed04407bb7890000000000000000%22,%222%22:%220xa49d184aecb3f81f0000000000000000%22,%223%22:%220xbb534206ab6b43450000000000000000%22,%224%22:%220x3bbc3e779d1178e50000000000000000%22,%225%22:%220xe86d43ee1b09863f0000000000000000%22},%22debug_key%22:%2211575194169130789007%22,%22debug_reporting%22:true,%22destination%22:%22https://owndays.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211247553486%22],%224%22:[%2212-08%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214456626553910491073%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 08 Dec 2023 05:08:23 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 77AA 39 KB
15 KB 25ms
22ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:20:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 20:20:40 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 66E3 41 KB
14 KB 47ms
45ms Script
text/javascript 172.217.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CRh6uN2sXOjlxM6MA91lK-7WXS_201aZbg6fUB2eh8ZBKmGTLYqb4MkAlzlcEgIRoCuaC-ZStAh-Fim6L563s4ZiOWGA2Qgw1yfJn-tRoVSY1leAQhqki6b_4GuxZEvn361itfKRTF_EmLZKsmlYUMpqENpWYAPQ_hZx5g-hoXl3SzXTk&cry=1&dbm_d=AKAmf-B1Yif9GSPfGmLJTKI4k-U6puMY1xM5BK6yl1gShfzitFw_r9_QnRgDnVFe-Al7NyeOJL0lTdkW0va2HQm8VwT_AK9vn5AQ58IVKV4IUGKV5I3LQUI1IcNgvBCx5nhanXbEbirX7eduqoBV6gfjvA4vP4ajdwMtmp6xqtCMj_d-N_tfYKua7fqFsSwUnwd9SCcRLFIUcF-cVlcKbJdEiOsWoU9e9ZwZaCBPCRFT0oawPw7fBTBZZevuaSjKXEG9jMtN-sI3jArto-VljncdOdC4tH5q8Yrm-AknYWHYm8xMEpYhU-cGyIQTdQJP1tgElqQbdVF-GoewC5RteSjZUhfiF609lnO44f4GaWSC0ps4YLw1yYgiJP8RUr9yuXp6lkzPGZ4cd7LRZ_9bNr27ekeMQNECLtm-JqDjgOPxPjGv4eQEGWsNolzsNVgqRP_MXG--TCkJ_gya6-XdKY_HnPddgqlEvr0o2N9HvZfgox3dwiMTSLlz6gdAmUdxLCOqk1v469wVcT33xkpIHug4B-lEdXH1-5YoABRndBZkBwJj-Z35mSOuxIe5K8m1wZHHOqN3nzlID3pl4Za4BAssxz6u_Psv6AsIa-KMC0SmjZ03bW5qsxmx9_EZ_1efwAwoJ4sXUQs9ABt1eJ1SoQ46zqXwK9be5pD16O_aZmM8WN7nVDljonSTeuRlWovny1EZuZmZoVoQQ_AJdtH8xwvxQFsU-38ixgGItUDYq8J7fY3CmjwuLaPZFHad6PhNHIyE66HjO95btyBYvow3AEFEwrleXW8k55exxMh_AybUriqyRDk4hAy2mLQ_LtgYX1gS_hGfWG2nbzB94qfuSbfpwmw7q7S58vs_izpfV7VCRQjVJzSWEfS3wz6a25yT9dWXk5nCIuBMtFcIL8Y_A0f8wQDX7MBNpW3hg6p-M7kivCoAC0h0ldxyKBrY_PRBc52A0rDYHOdmvqf63POje13Kbj9ZzqGeNCAtaLFoOdNUS_C7_lCRykx0uwnopP455DV-yGF86xz0NvS7o02lwdb7VsCZUMSWw6KPsbfB_Sd23jctx-hox47vcuujKUzIY8pvXhqNQk-ef_6NB5YWv_yF9h89BvUtNGH58jVw-N63puTQG2Fl0OCOTcH-nobw-8fX0n4Q3qPeHzZ-v4fD65gI2OxlSdFqUEgHMZ4I9GCkSG008jWhfUsgrgR0qVR2ZknCvBOfQQqO-Yj6yrR0OZOxQ_inn65KVsQ3HqEKGaXjCMJhGUxtsSQiS6iZyWzn1izoBzZ2lBq9pIwIaHZgRLhqT6AX2tcT2_dg127sfvJMlWxFVPOcMethC6SVEnykr4hwsQKueTuZsHw5m9DsW4oDRTj8aBS4Pm7gcqYe76om-imK520xENko6W-scPh4hzwOr8bT60Moc3mdxmLoyGdGVyrfWNIPgg5--sb-ugbGmmiYHfPRU2HZqXP87YN0efrQlszpadoiVUDE_QVcjizSC3adedP3HaOfO2VKX5gjW4fmCsWAH-xgK9boXs5M-iGv9IhtBgVtBAFZG-a0XjuGlQcnGJZ4YKNch-IWMUsPj2dT5kP0EgOri-4TMOgoqEjZ6qc_zoh1qp1ke0L8IBSt8OzDfIOj0yHMZL0llhpVLiqJTDIXYGxKSci05DVy1OirGeQbY9BZ1NtkfPF1ZWNESWzRwFBDZ3dgaZmeEHbXkb7zOhyUYQEpISRVnQbjndQBJO5t8lyIgJBZnRQ-6CZ4skJpPejteNUVH0nQePkYk6vMGvJeJ4SScCSYJfhsKoFtF3WnWNSkqaYLG2ngmEeFo3cYyb3oYscilj38C3cOOiw8IovEXuXUwwhR-daxTbXNGznQGPbzK9SlWk7bgRkF1QMKjtL87NiJM2DKJROaLMDfz8czwivb55lWepbQbqCl3_itNNYTWCSfLAUCbY-kfLK3Aq7_Uf8hRzX3gRqPlh5uOONXNRRnzp3kTzp-DjPVkLj-nv69VRgPWmUNvLXzmVC3PojXLvx1ZjdAv9uiEnW_V5OEMolYEsxPp21vTfm7v97cxpyUIdHrbjRM4JYZWxVPASRWRT9Cvxs_jzkDwTlhLAdguUTWUMUvMP0c3CanXdPfosRcCpGURUPhMa5FiZSE-rMOb_MpUh1h0uQIrQcuXW8ffb_qaYmkyeDOitCdH_klz2zYra6SSjj_8s_Qc3AdAU-cOX9_AcCK84mUMMhT4OqgfcFz0AFJZpDIukIZ-rsY9JrMAypp2NpQUHaKk3mXG_ynrnYs1Dk0aETXdkm9KYHzHi4yQtQgl9spu_yRXfWDa3zTIoka7xQiCDGTjs9EifhmuzocV4C3wMtE6ft_i6a5AEg5MME6xLFmZc8oUxwMWUEztTHqwAjEkqBAa9pupWAgTCUdYs3hUR_JsIhu6_8JDV8uLeKqiqGpXNC6gCia_LS8E6JgXfdaQMKTn5Mcki_dm_Ygu9AnWZ1t59Ffsk2f6UqSjRTLRgTG6X7dnyvl9MXIMHVOxGb8KXNN1Cxo6wuRLnIiDlBblRvaVQmbvAAbXTOuyxMpnPpKY3eQw6AT935G4v6Oi2Y1cLHW_Qnj4UctOcwY0Cd7YF2H2yrdbyTKHUe3FRkCy4TM93JaiAWn_Q1TZAK2CJXmPSrAqU3ziwvePOtQgMP0THDKIf2NWABf353Qp802ZzlVEqGOi8TFCRZHkVzXe0VQkjdOoWv7y84J0eldah2zUYLPVNJlMs_nG7R5yJkk8Xt_SzjXsZQUtHDgcwvjlYWq8Lmh5gtVdlYsWaHnwuB8dY_5Ya587-p1x6LlnZCiJHjU6PeUUXXGfmXWO40QeJAvTydAVBPD6qyEqb8W9U5ZdCr-je2_jODHWhk6mWuUQdha1GCfrACT1MRzRmHIef3eDpxotSb6ZcN6dGH2r7LlOnNnShpvcMLbk8McyTf8IC9UPbyXNZxvRTVGrcpzxJMlEZMqqvOZnXy0HQhXmeNi68SU5NDDxlRDu5ATBNBV3whhLImdok4eEVn_DlXZPCHE60rrcV-rXf69-H0MZ5racxRvtP9pue39Gholh3sABbVIm4p3jXNo9F8C3YivrVP02nYCSOrVGwHgpPR0lgIKahrKAka1h9M5ta_Nm9izJ2ZPZhqHr02XrkulG-U-W8Xptw7Po6Q930o3rWJcpKXdY41Fr8dgJVZnNUx3NAqLEY6aop7XWc5wKLBJVUOleKN4fOSz3dvBUFrnV63gtgOy26ZhE24Q1M64RCBoRiNzFTO87BWuPSgUPZ1AGAS5mDo3-X_zgUMRNwYcbZOEVCJYJHgAC0i2QY1q3FuTMSAZxmOFCqIZTWsz0fnSMiT__B__GenOfrYhEw7Yx9lYcL3OoCe-X8BcdcNZ0AuKiyjmo2kx_ZaC45lWE9Jl5g5wngarfEMKFy9XsGRTDxTP8oJfNRK07RSOxc9A9yVQJD0kD9NMH7hp5B8e8Hewt9bdjFebFHH223G6FYp_-rpib2s9um1WjBqGarmK_A_105UaU60hnvhkf-lgd1ws-ILsmw_zeNT9NkUF6tLZpqEYEXRwXFjolKgiMoCGP8RcjU1crbALPL5CBai1lWEhoQdKwEsElrWLZmO2Y6o6tJkaAMXKYKyc3fduZNHWjUA85I_uFLM5PdeUt_tEFsIDu8Jp5aiS-Qp9DNAXEpnRoua57EZaQbN9QT51P-dIQQSac7nGpWfKOIgnFkSFS4Q2EWK3tqyBQr3HJASuzexj8ENgBAeMNVteiao310PZ1w4Hg5M2vparDhYyi0bwa0cXliHz6DXhb0jCamC_j1VA_G3tm76-yWedg0NMKqsTsafomz4ypiWz3r1zUgQOb9OissCpJOm1a8OPcUoNjowNtAskIxX05x6coW1ZjjM8CaNNNmdUqOiNLNRLmJG7KjeLlkTAe7LMIhvqvMpfuYr_Pdv-NrvJ6bN8C8u3VejdPG53pYWOmxd2H3uLiBKNaCikXehT2XrWXjErfW2jIp4w3MJH4JolowCu-SrXXCDjtyWblI1Gaw6qJfoU7C-zOx7l8l7jOMkLnha7PzM2R_6VVOFj5x5dq1OVRMm13vwdcQ1XDp0C3o98eUq1Ky-bi2wJftqwtOlwTQyQ15kZPHNFEXydqvOFX9tBH9ggYjkJRao4Lz1PtEDo4dBtruAqy_218_1GofmS9SV_pOGuohlsd6jCmBOODxMhZ59hcqnVGqRyqFUKnsiEOm_XgMGjbKAO&cid=CAQSTgDICaaN0d2aQy5qOI-e1yMganI-l9Ec2Fzgf5ix-hYvRgZ6tAKxXPADNPWbmujLRedgAuoA7QRKT1WaLLdxqcn0Rrl3_1TiKVHD6c2nCxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Freurl.cc%2FgaOWLp&ds=l&xdt=1&iif=1&cor=4703141127577787000&adk=2228999114&idt=915&cac=0&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f1.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 14:48:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 224398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Dec 2024 14:48:25 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjAxMjEwMzg0MjMzNgogIHNlcnZlcl9pcDogMzg2MDA2NzUKICBwcm9jZXNzX2lkOiAzODkyNzU3NzI3Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIK...
ad.doubleclick.net/ddm/activity/ Frame 66E3 0
500 B 69ms
68ms Image
image/png 142.251.42.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMjAxMjEwMzg0MjMzNgogIHNlcnZlcl9pcDogMzg2MDA2NzUKICBwcm9jZXNzX2lkOiAzODkyNzU3NzI3Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2Fkb2JlLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMjUwMDE2OTExNDA4MDk1MzQwNQpkZWJ1Z19rZXk6IDE4MzkyNjk0NDcxNTM3MDE0MTU2CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMi0wOCIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDkyMTIyNTIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzNjcxNjg2NTMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDc0MDA4NjA3NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxOTk5NjM3NTYxMQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQ4OTk4NDAwNAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZG9iZS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9mbGFzaHRhbGtpbmcuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZnJhbWUuaW8iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.42.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s47-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:24 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x31cf62f1e4c253f20000000000000000","13":"0x347436840beda26d0000000000000000","14":"0x20f3868c295d7f830000000000000000","15":"0xa282c7740a7d4de70000000000000000"},"debug_key":"18392694471537014156","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"12500169114080953405"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal124.js Show response
cdn.doubleverify.com/ Frame 66E3 60 KB
20 KB 38ms
38ms Script
application/javascript 23.61.252.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115741&plc=4158900&sid=18330&dvregion=0&unit=300x250&autt=1&ppid=103&aufilter1=3060631&prr=1&auevent=ABAjH0iiHPlrTZV1w_DO-3v2j1M4&c1=3060631&auorder=1011537657&aulitem=19996375611&aucrtv=489984004&auxch=1&pltfrm=1&ausite=449233607217&turl=https://reurl.cc/gaOWLp&aubndl=&audeal=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.252.81 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-61-252-81.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: b1567c9af517c0e55991081919f4dc2263f00b8deea21f3c94087737d2401fc2

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 28 Nov 2023 07:41:53 GMT
Server: UploadServer
ETag: "36b6087525da09e8974d3f2aa1f7282d"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19649
Expires: Sat, 07 Dec 2024 05:08:23 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 66E3 443 B
579 B 507ms
112ms Script
text/javascript 34.149.43.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_840859987565&jsTagObjCallback=__tagObject_callback_840859987565&num=6&ctx=1828362&cmp=115741&plc=4158900&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=840859987565&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&brid=3&brver=120&bridua=3&dup=null&ppid=103&auevent=ABAjH0iiHPlrTZV1w_DO-3v2j1M4&aucrtv=489984004&auorder=1011537657&ausite=449233607217&auxch=1&aulitem=19996375611&pltfrm=1&aufilter1=3060631&autt=1&c1=3060631&turl=https://reurl.cc/gaOWLp&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&m1=13&noc=4&fcifrms=10&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=171&eparams=DC4FC%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BAU2%3F4r92%3A%3Fl9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTaua3g3g_ae75b76_74%60%60hc77a_a_g2ge4e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=2.30&aubndl=&audeal=&callbackName=__verify_callback_840859987565
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal124.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 4a8928f1a1c4ad6468088a69d2b6bb573b18dce990f6cffc7f59a0293cefe7c8

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:24 GMT
Content-Encoding: br
X-DV-Response: 0
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 12/07/2023 05:08:24

GET
H2 200 c6fefdd77d017860676055a778536143.jpg
cdn.holmesmind.com/image/22990/ Frame B2E3 7 KB
8 KB 33ms
31ms Image
image/jpeg 143.204.126.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.holmesmind.com/image/22990/c6fefdd77d017860676055a778536143.jpg
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-128.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b51c49d428fa8463f46232048c405279e9ef08761bec2d8ca652a5b6f8ca20

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 04:04:18 GMT
x-amz-version-id: ysgQpF7fmaAdzihSXl4y9iXkU7lH_k0z
via: 1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
last-modified: Fri, 08 Dec 2023 03:01:40 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 3847
etag: "6fbe14bd963f126112a0324ee74c37ad"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 7314
x-amz-cf-id: bWNxokQseGFUXUGmwYJdoZofQC0RveEHBvnZzEf-uCpZU7MM-vDJDw==

GET
H2 200 ade-tracker.js Show response
cdn.holmesmind.com/js/modle/ade/ Frame B2E3 2 KB
2 KB 34ms
31ms Script
application/javascript 143.204.126.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/ade/ade-tracker.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-128.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id: e6irG_P5F2jdCF9fNky2jWkkhxNctdGx
date: Fri, 08 Dec 2023 05:08:24 GMT
via: 1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jul 2023 03:26:15 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 8
x-amz-server-side-encryption: AES256
etag: "cc88de770769cdecaa524a5801120c78"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1646
x-amz-cf-id: hUk0H8rePbO__3DqEkJzxT8-jBQofJCLtRRPi6Kp3wYE3O2iTNNLvw==

GET
H2 200 v_sdk.js Show response
cdn.holmesmind.com/js/modle/v/ Frame B2E3 192 B
591 B 34ms
32ms Script
application/javascript 143.204.126.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/modle/v/v_sdk.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.126.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-126-128.nrt20.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7490c495bc701b5f3c822f76f18d9f9842e4c3578b4c8e74937ce49a1ca75546

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id: wsgDAt6n73AfbveX4G1Vz0rAUst7spYk
date: Fri, 08 Dec 2023 05:08:24 GMT
via: 1.1 7736a81769070a5c539823158e265e4a.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jul 2023 03:26:17 GMT
server: AmazonS3
x-amz-cf-pop: NRT20-C2
age: 8
x-amz-server-side-encryption: AES256
etag: "8644272abfaa44219b2ed3d118b43dbc"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 192
x-amz-cf-id: idoBr_JW5E_6awylx4A6MuCRLM9fRLbdrWa6Et1nDGVvXS9BsbOZvA==

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame B2E3 3 KB
2 KB 32ms
30ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/modle/Live_Streaming.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

470b45980cad690bce770638435856f2414c9c1945c3905e84e78cb18dc75882

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 08 Dec 2023 05:08:24 GMT
content-md5: 7b95YkMlrsdJ4IEucKQTqA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1684
reporting-endpoints
x-fb-debug: ujJZMt1IqS/5cxAXG4qGMqRHPGr/F36PHv2tfzna9PjJTL2shdTH9H4MHsR6xDrKW4OGULM7j72gN7vIQzfVkQ==
x-fb-content-md5: 845fa586434582f2fd5f0e6bebb8afc4
cross-origin-opener-policy: same-origin-allow-popups
etag: "b40fe23db2e853a40fc48c4ff3291050"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 08 Dec 2023 05:12:51 GMT

GET
H2 200 i
ad.holmesmind.com/adserver/ Frame 2582 0
77 B 34ms
32ms Image
image/png 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.holmesmind.com/adserver/i?ut=1702012103&p=14210:107102:202630:be766b44e645861c191d6e386f1189d5:22990
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-type: image/png
date: Fri, 08 Dec 2023 05:08:24 GMT
server: nginx/1.14.0 (Ubuntu)

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame A371 38 KB
13 KB 32ms
30ms Document
text/html 172.217.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f1.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 120229
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 06 Dec 2023 19:44:35 GMT
expires: Thu, 05 Dec 2024 19:44:35 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 events
bidder.criteo.com/csm/ Frame 2582 0
186 B 57ms
56ms Ping
text/plain 182.161.74.18
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.18 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://reurl.cc
date: Fri, 08 Dec 2023 05:08:23 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 2582 43 B
365 B 25ms
24ms Image
image/gif 182.161.74.1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 02 Dec 2024 05:08:24 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 2582 43 B
365 B 22ms
21ms Image
image/gif 182.161.74.1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.1 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 02 Dec 2024 05:08:24 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ Frame B2E3 302 KB
87 KB 315ms
14ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=2db011eeeabadc58ac58e75634543e75

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

25715ad3d59c75337fe3341b3a491aedb2eafc2ced4b262af36c9226258d0567

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://reurl.cc/gaOWLp
Origin: https://reurl.cc
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 08 Dec 2023 05:08:24 GMT
content-md5: udYIwlqnqw4Q9jQmRzqC7w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88321
reporting-endpoints
x-fb-debug: OAm2z/C8T4OWRwOtIBSfC2xWlSgOhZfJJqJpfAhu422Fbo5J3HA38mA/wgqJQsDTdlKJRxGlr9DcBxHUDlaPVQ==
x-fb-content-md5: 809f12d54813f3000cdcaa648303bc54
cross-origin-opener-policy: same-origin-allow-popups
etag: "88409af98a3dd54ef0b3ac66340ac104"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 06 Dec 2024 23:04:35 GMT

GET
H2 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame A371 39 KB
15 KB 14ms
14ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:20:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 20:20:40 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 77AA 0
56 B 59ms
58ms Image
image/gif 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BA5j2x6RyZdzkJ-KUvcAPiuO26A4AAAAAOAHgBAI&bg=!3d6l3pHNAAY3kmNgF5I7ADQBe5WfOHWWCqg8u3SleAa2cPVpObEuBD2CFZLnfnVEUkEKQ0hD2i_L1ZA3A-c7aZQwB0FcAgAAAIBSAAAAA2gBB5kDRBS3UW_XzskzxWZjR6xn48OzT3ucG_hqB04LSaRazB6jUoG4rgNN8OYNp2sT6xAEYPAut_eA4reOvyo5A8cj70kyeNpisN1wgLJKBIOXIFvZIFDdAnVJ6xAG7jCDmd0uL_UG0kRGYErtpBzUfB2C6nze79jCRM68iAm-B_xmwWlL203p8KHyn89v1fowmeX4JnpXUg_PGSbo6U_OKaaMdDGu5cmljHAZXDsigeWltTz2JdWTo0JeMMDDw-1Xr_JrlMf5uKdcc-FVLk0WSCJBXxSmIphZQVNvAq10mEz-Q-eCnn9QlOKq3n4FH3tjcOMeD0oPnLKdOpDNJ6kfyIKwMvbXuCfaK28ogtSEb7EEWNmcuou_CnV2f5P0rDMr6wuPeSxPezM7MssZMHd1gC4xaF6nkQfBwg9siI5gEUABaJjNa0jz0QGVaHc0yG7IpLOoHVobDVTH5TcUZHbL5-O96DFZEu82JU-9XVdptKaafymdwVBR3nxOSGpU5oJHGHRYCKvVQiV3Ui2KpvC8Ktmdf4Slj-e44PafT4yXGAGNH9PozKckw6qRsyBvt5rTRKPBaSeSrpY31L7lDknjTOrrazXF2E2Ys30gY_GsBBVSMC5QA4r52t4SytxjaIFSheioijBcRfBsWH7iIShk1QjjFTA3fuGyupY3hLhlPSl0gwoOmXJkJGMuQxZoIVixDNiVdvWs4VVOfLrEFN9g9kUzt3fuT3gp8RdsMBj3X0o8ralXnd8ZNFZvhOoT6nNFP303tz938kIKlZgtG09GKFq7QKZdjDACqAA-xn7FMbjBuzCMs35C_VnFMFRWuIaGO6PI8H92CMl5JC7fyWhrtnH_PlzGUJQRTJkpvs0jyykhcl6W4PKltgQ4ib8juOIx7_x1xCW4mggeJXQ07JDL6IkS63fg8DNF099Xnqmue8vyd4Jfs-oIh7osW9Ofn-7TZuwf7J9k44egxVkEaa2IjBseQXtHT_0qUzCXc3GlzhybBqAPJRr10Aq2Fbf8pAAsnz3EonXrBGvUR5Bs-Nm4tSK5-CSKMhMirAYQGM-4Q8JHwr-y79-JZxRtggxFI59O8NDEWks-kAimfw7Nqj7GNJC_WbMiqD2e

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A371 0
56 B 55ms
55ms Image
image/gif 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bsw1Nx6RyZeC0M-P_s8IP34mbwA4AAAAAOAHgBAI&bg=!k5ClkN_NAAY3kmNgF5I7ADQBe5WfOCmbhPi1cAFP6e9HvxcetoVjIpp5vHdPZ4siiE-4LcsONQgFQkCIjwyJXl30rPLfAgAAAF9SAAAAA2gBB5kDKoIFh2GVv-QnK2wehdj6VdMaO8KdIf7xIxYqZFUW_50IsYzUGXcdVjT3PAUyseu0t1XGcX-GBOBvMpjwjqUDh9NgHv4ICLyPEGeL3fIi2lYOcGbLEGeZnGo_ypzjCmwWwEskZysJhXrzoxUwxcxx3snSVC1A-nbTqXraaHxrmaxm8E4zDv5MCDwt7yOiP5wzpuWtHlQcs3bxmzNX2tSfkZrfW3QYOiO1ipIZqaeUsnNgVxdyWZ_BjnJxItV4XIeGBAP1AxV6cPlGDpYOUwF38Zwdh29jVL2J5jz7mSulovo64ycVkb15ju8bcUf1W7hnLTWCol-CIjzTEd7_4Nlze6az0cDcRjjF-BBDWO8wHJz2g5TAhfH5Ps65xMPl26Wpfdwpt-STW4Y9kkj0SwcpuEsXp8gFC8WgjtfC3mdkungm-CDrxVnO9hj4K5iycYIVIzRJi27RtV3GOrOnvYaZ-IHvmQLb0j_gPLGAJONNzzr5TPO12rdsCj7MJLPGsTd4W2CG_rQYzUzFx-Q5fQxie9vUUauoMyxl2MUkwumCI3ZoT3OfVhAiqF5yf6dFQY8-P0d-pZQ60K1WC80MjWL7sCcUM1_fUwniwC2H5IN6Q8RLBY_fCMqK5hkUEKg0Klz1LU6i7Nfp-aL8ipwN_1lUq6jZllpIwU6EIn_tyBOuJGIxp38gvaHlScjE3J18Gk3LvJCsUTwuDi5DNaUIFOI6k4FMLSrh5CUgUnsObhEf1TUs5182Af-Q6M8qxX4FZLlecaPLkLS2AyP_01wKdfbIOCBePQ-PwgA0ssQzVBa_e-4qqP2W6iCuazSyAh2P2qwjYUstLdk43bnttZp10maPkVJ3vKbQf4Av_JKn7o5K6_eGTx6wk9kmTHCHussI1YkTok8l0M2EzC5bVTYXTE37H_AWiI0ieCskqfvn6Ri40Qp-GJu2dfntfdYCKEXq0IOMYxhf-UCmwPkAnTY-RQ9NQMZgLYb_BmqmHi1WwS2GoboPOHWUxO6mqYNoW4fLMM760FApxBvkj1kJLdZ154hOKvEr3Dbg4mIK7JC9RTWSg_JvxmHGajKwhUbo8w

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video.php Show response
www.facebook.com/v3.2/plugins/ Frame 520E 168 KB
42 KB 423ms
422ms Document
text/html 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9073c6e16fd%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff15261ffc304fb%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1345243609461164&locale=en_US&sdk=joey&show_text=false&width=280

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=2db011eeeabadc58ac58e75634543e75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

e5ee9a2f03497e345314608584d96d320e378e2b54471139aae7a91107e111c0

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 05:08:24 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: c0t3yva8wmiL9hKhj/CFgpV5rHQMEmToEzs7RKwEwwMZe1p5aE/Sp2og+paMHd5xe7JKUBY4pzmCXtUPcZEFWA==
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1330 42 B
108 B 358ms
57ms Fetch
image/gif 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbn-wUjwzpPMrOG5UBmgfFDMiFkNp3_T3F4pc8rPBcAQV8-TmNwtXY8zgluYj2AsQJrAXof-jlcDXXUl9dNtPwyGYWzLTlV4rfekbjMJYfNSf3l9HzXZznqI3A07Sapg_OJZbXZD7H1iRj0KvxnLFpJf0dPxi46CCqImcypBOC6DYuekYjs8oM9Ixsjpn1DqyPmL9Zze7nT2vlXYkJsunxufbf4FV3NLC0_S5xCYmPxaZQH9l_KYzKmpjwZsB3pYP8Vr-_pluYNX_dgcSr32pBDJaKsxGnLDzP5qN8Tt1J04cZRcvF05MiFR84WLIV3IGSS0jg92fG6goAFwrO3fMga58lB6Usay6hQs1NJS0Jzd2b8TX2RjEXqKIbd394WcPgVRZQ4h_T9OQj1HzjVEviOKqPAna_la-eEOIDP_AC4-v-wzbH8JQG6uHtAAdUIjNBm2Iwucizb2esT_qp7MB4f53w7ExSZFLQhBK3J1AFfVFMJxGVgh0A4q6qAy6WFgLjndGy7gA9-gaXiW5ovUU7RuHeZr7I6qM0gq22tzLkWZePpIed0QzOnZyy5aYoYfUIsgp607Hm17UL6abGYjhi1jesJDwSa4-yCSvLysM3IY4nqxmhISsE1G1icMb5JrTq1M0-kmT0SsHm0W-vdW5V2xt-ZdddyPrerR5V8wXzW1ND75b5tvInajv7QLUr0tVRNK0wZyHt46YxyxGAK6TDsrMSXz_X5EzDlZ8p-cU5FZT9sUIYLc6TFE-AgQJMrGJSJWO-BjVGMlHR-fzOCK4zGTuj-BeXay76LOdKDAZpSkLU79urptDUAMi8EDj9_DlAPMDUGSLs3jXh_OdZiokmq9H2CbHFdfhconW7XNoGJ6QWc3zxmBayXdIzjMCys5v1PVS23zTZWY7jzchWVOEFXt1WiyjzVZE0-o_XQf6pPgVH9rBd5h92si7XqEBTvBfsiJX1pcRrnt0mDnosfxGG_2KVwCNyipBtKygGi3MdwhhxmrCnckM2ejOiAObydNRF-LobAjo4vgoAAxCmDCnVseY0Vu6kEn-KXEa2viA-9qCVMKwveiVeMQvBfUtaGbJDIgW-x_g4vjX6hijQ5UX1Fqr_oSQiERemxmJe59wRTQBfHHhM6zx4YFF9P4LybuktHGJybHnN_-dC09bRJ3ZNn8muh1jVuuRZUGqDND4_rlxtNbfi8SvSUqxpt0IEHGdRrair_kRnf2HzMICk6Fm9BBRaq10lW4C59VUE_L164Hjt1bAbemAA9O11NtrtAxrrlFVSB_db9-5ZU6gCnzj0F0kG8xqxIkdZ_0748UxWgdwMmiq4WsNucVZd8_SPDfy65VViTiqH-VqpeSKWwWgmbzZyjeFRnNpMNwPpK9LdapcdqBy85XoJBvwNO1-79Uq8qjrzXWJJK5KGFXpb5khezPxtBPreReWQUXCFfURVZtdKQBB6D92LXbdjPS9Xlul-h5kxRFk6Hs7QdrZjj4L8ZE2pjLcnKGGF4qo17KMHFkDh-r_5YFbm7QNK-liAPZ4oyFzkea4LvTsOhCKDWAk&sai=AMfl-YReNbN_4xpXW44pGL4aXn61Fs23SALlaSSIoSMuA9N-xQDKMtv0icSNmIU_y4ZTXTM46aogKA4bHoaiW33z_69sxqIE1_BwR6Wvx6sCjqH_X0tjYJ2Ece85kV1ho78ZA7XggYn6seNG7pau3Ys2Pk2IPJKsFAbR1IFRCF0xmtkjRnwC-8iQ&sig=Cg0ArKJSzMaO1664ZkNAEAE&cid=CAQSTgDICaaN0d2aQy5qOI-e1yMganI-l9Ec2Fzgf5ix-hYvRgZ6tAKxXPADNPWbmujLRedgAuoA7QRKT1WaLLdxqcn0Rrl3_1TiKVHD6c2nCxgB&id=lidar2&mcvt=1003&p=358,640,458,960&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3271617715&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702012102649&rpt=757&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 333C 42 B
108 B 363ms
61ms Fetch
image/gif 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5RXDeK0UeDFwf2bFOYsS81udnqbs_MwoWirk7k5tK8LjWZRNyvIWTNl1sqil5yzoZm_ucUmQUx73UvfcPaxfg7OxL1apHuOBYGqY4b-THN2f128j6R5tGZC9zLXmiS0hIrwdRWU6W1taR5a_dgxF_ZMi6I1Gkli4w_EUyqT_WTP_P44VBxpYd1np2stvea7moLwqmAVZ8Bhcxxjr_AerAqHw0Ceyi9YjA-ve6nEhuqNvZimdI53pau96n4_k1zrysXoYVcsOplrR_t1qhXN0AI-6CtBKibhe97QoOxUg3kjsVc5jfd5fYIBEzlXnYFUME2qcHyHwM16uLdlpkLdo4jA_DLoBqZr3Na0AzrwWQA8boiXPS3e7bHo39IfkcdumXs1PrRL_kxfNNBbMb3Y8fVzjKpZ8iSgOn5vl5eHw9m4CzUSC6amB-EyWbvaFTWnnawNhD7z6joARH6e5_LIuBzrhGXGDHdD_jnuHKkLVGszf0wYXtTHe6dPr24d3JZnxBJXNJ58rb4hi8ks4-MGWYtM63OZ1JbGC5sUVaIzdPs-lKDNJ2Yq2TNfYKv2_Pw_cvXUq8Ua05e-rrK7setmem92FFGU1tiA7VYrnVN1A5yx8bDyDWJwOmWB4MNJSILv4YPV8wc1jwE8MixLFq-SlAQQkQk6uu66ZlyejvjptmZh0N1jy2Lj2v4yD_bzyHb_ZRECfwS1EACdbGLAo4Zvj1l0xgRBv9lO66_VeryOjivqBIkwTT3JvH3vapQ0LIyJbNZ2Wn_BjIAmiMO7120Ir2dcVKniZAs6cM-AOupjnN-8MEQ0aaen3LvHZtOm-AeBINBLgddrjQaKPvPfj2nLclz1ihYEsjED11N6Nrx45MDTRqqRFp9X4fmmMN6IJW8tQzluH2sfL5q-laTmBkEezVRNQY6e-Pe5bRZtImE12EmEkSqzGlgyDCUxJkzlBkk-gdPZ2xCf-ehKA0lWv5yVJYH325gUReGpcrDu9-dXZ2C8jkh8gSBhXIY9RfoJ6oUVUH_16mT6qTcTVxQqHF5Z90fRuq1fS5YmUhZ9HEoM-VWYx522uJuwEIWXYIZJnKEUg74ng56pnz5R2pYU87iUxtUBUR_1PnKpns1ec-wv0V7AAwn9ddzhRgKzPdamBNwlbxAfTS9K-xtlJLYIoHnFizGiZvk4RyQN7Zx02vHplJWRjk7xD23c2CBJDkfvddQ2fu2-u6uRQF8LUD9hD6DfSXbh2W3LncssP1JS1AGLfLaK_RhSvEX5yKGFTpHkAKFipkgI07ts2T-VZ8kUXOzVJjC7xi50O9V9tnEcVFTMOxRPQMxLrDlIB0B61D-_tl1Fomv2hN7cpFgc26c92kO8anU94uKE9OGjFmtnWMiCb4jBiP_poeCOPwsgT2wQi3CK31E0J_JjvEuVin5pgqldiPrkaNHKZp_k8b8WP41H2e2aUVSuZiIFUwm08scGwZ_Y_meCFCJ2m6La6I00ghk3_Gor9qMMxc0TGT5iT61jMswW5VCayP9ehPuR-9eRRwij4-1VzN2qJP&sai=AMfl-YRq1zhEBL8BCOUU-IKy1ocLaHv4Loewh9WSz2tOzeCv9CLRWKoAp_j1Ii2ce221wrTsUYK70lvVi3UnbWy9BBvOziO2woylmMjAE1AEUCdCuJG8WKYsf-1hM3BhzcgukD7TdGpUI9CRgV-kf5o2PEaKpXTQmma82kUkQkoFvqzV6R7FvvOP&sig=Cg0ArKJSzPn5a_06ZCrsEAE&cid=CAQSTgDICaaN0d2aQy5qOI-e1yMganI-l9Ec2Fzgf5ix-hYvRgZ6tAKxXPADNPWbmujLRedgAuoA7QRKT1WaLLdxqcn0Rrl3_1TiKVHD6c2nCxgB&id=lidar2&mcvt=1005&p=555,315,645,1285&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=81851380&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702012102554&rpt=865&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/8/115741;4158900;201;jsappend;DV360;DV360FY20EDUBEHInMarketJPDSKBAN300x250/ Frame 7C1C 2 KB
1 KB 73ms
26ms Script
text/javascript 2.18.148.226
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/8/115741;4158900;201;jsappend;DV360;DV360FY20EDUBEHInMarketJPDSKBAN300x250/?ftOBA=1&ft_domain=reurl.cc&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Freurl.cc%2FgaOWLp&us_privacy=${US_PRIVACY}&cachebuster=973535.6915131565&ft_dv=%5B%25ft_dv%25%5D

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.148.226 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-148-226.deploy.static.akamaitechnologies.com

Software

prod-xre-app13.tky11 /

Resource Hash

9fca2d1e62e2b4cc37b8153e842160dcfc60f58d5421885cf3dc51f2596093e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:24 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app13.tky11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 794
Expires: Fri, 08 Dec 2023 05:08:24 GMT

GET
H/1.1 200
OK dv-measurements5084.js Show response
cdn.doubleverify.com/ Frame E783 424 KB
101 KB 17ms
16ms Script
application/javascript 23.61.252.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements5084.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.252.81 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-61-252-81.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: dee10fdcd26b484406619a49a9148dc00d73e2520c9c80aa1ff9489279d874c4

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 08:15:00 GMT
Server: UploadServer
ETag: "c3585554306d55af8af83ddde3306ca6"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102698
Expires: Sat, 07 Dec 2024 05:08:24 GMT

GET
DATA 200
OK truncated
/ Frame 7C1C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 146606959451a22e2dfed792b6ed977aa0c67b4a73134684d2ff17bb9096f0f6

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/8/115741;4158900;201;jsappend;DV360;DV360FY20EDUBEHInMarketJPDSKBAN300x250/ Frame 66E3 2 KB
1 KB 82ms
46ms Script
text/javascript 2.18.148.226
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.148.226 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-148-226.deploy.static.akamaitechnologies.com

Software

prod-xre-app18.tky11 /

Resource Hash

79d0635ee2b8675bfdf313b1fc5aef3798c52cd3b86f7eb106f6cc94ea2ddae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:24 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app18.tky11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 795
Expires: Fri, 08 Dec 2023 05:08:24 GMT

GET
H/1.1 200
OK dv-measurements5084.js Show response
cdn.doubleverify.com/ Frame E8CF 424 KB
101 KB 17ms
16ms Script
application/javascript 23.61.252.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements5084.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.252.81 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-61-252-81.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: dee10fdcd26b484406619a49a9148dc00d73e2520c9c80aa1ff9489279d874c4

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 08:15:00 GMT
Server: UploadServer
ETag: "c3585554306d55af8af83ddde3306ca6"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102698
Expires: Sat, 07 Dec 2024 05:08:24 GMT

GET
DATA 200
OK truncated
/ Frame 66E3 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 58c3a23c4f972190b18184acaa9b530823d63347967e06cba16ca2eb005b1739

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame E783 699 B
731 B 370ms
131ms Script
text/javascript 34.149.43.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=81&ttfrms=17&brid=3&brver=120.0.6099.62&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BAU2%3F4r92%3A%3Fl9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTaua3g3g_ae75b76_74%60%60hc77a_a_g2ge4e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1702012104609844&jsCallback=dvCallback_1702012104609525&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.62%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5084&tgjsver=5084&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=10&brh=2&dvp_epl=201&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://reurl.cc/gaOWLp&c1=3060631&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0i6paopvQHxhzuQmh7G7-IR&aucrtv=489984004&auorder=1011537657&ausite=449233607217&auxch=1&aulitem=19996375611&pltfrm=1&aufilter1=3060631&autt=1&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=130538183295.81459&ee_dp_sukv=130538183295.81459&dvp_tukv=84740521.82303095&ee_dp_tukv=84740521.82303095&dvp_tuid=354456357877&jurtd=1065853216
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5084.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 8b2c1995d554aa2802ce42ae934b2187dec183b3d31a959ad6dec5a7c9e66ee7

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:24 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 12/07/2023 05:08:24

GET
H2 200 prtct.php Show response
stg.truvidplayer.com/v5.832/ Frame C028 0
504 B 180ms
180ms Document
text/html 143.204.86.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/v5.832/prtct.php?val=c&geo=JP&timestamp=1702012105&level=1
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-90.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 08 Dec 2023 05:08:24 GMT
server: nginx
via: 1.1 3326ced070f64c37ff4d732ed8d8fe38.cloudfront.net (CloudFront)
x-amz-cf-id: cxfUxL6qkKxpmbkeRyyKFD5PdCta7Uxum1bIs8OzJXvhPjwnMX8v6Q==
x-amz-cf-pop: NRT12-C2
x-cache: Miss from cloudfront

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 367 KB
126 KB 732ms
130ms Script
text/javascript 142.250.199.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.199.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f10.1e100.net

Software

sffe /

Resource Hash

68fab14b8c4112c0c8c19d07a8ae62b8de9a03da143bfd3be495b8fbc6e385a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128901
x-xss-protection: 0
expires: Fri, 08 Dec 2023 05:08:25 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
51 B 1017ms
365ms Image
text/plain 3.234.113.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=mPut764fUMpXLz68l07m6fVoRPMoVHtUz0Kl3qdxahR9ptjasOkqKH9jSPC4MTKpF5ORMjhTGXjjqFYOcW8Cd/K7rmz9kbSDcaXZRbuF6XCFdt6gLz6wydZKNMI3pcvStsqHlStEMl4nDjt9bUpyD4yv7ZwpAYeC2qLawbizi7WsLvuOQHnwkm+8IjnjDGXpXIkGSIPmqogmBD3kErXaVdsKyxMcBAwV/1VP+m9mVD6nELsHX6hBJif7dUdTISVuVvN1PuDFdoyZT5OMUEpqwUD7HWbFMHAMqfWdCXeS5sg=
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.113.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-113-32.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:25 GMT
server: nginx/1.6.2

GET
H/1.1 200
OK j-4158900-4015257.js Show response
cdn.flashtalking.com/xre/415/4158900/4015257/js/ Frame 7C1C 54 KB
16 KB 81ms
23ms Script
text/javascript 23.40.148.48
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/xre/415/4158900/4015257/js/j-4158900-4015257.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/115741;4158900;201;jsappend;DV360;DV360FY20EDUBEHInMarketJPDSKBAN300x250/?ftOBA=1&ft_domain=reurl.cc&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Freurl.cc%2FgaOWLp&us_privacy=${US_PRIVACY}&cachebuster=973535.6915131565&ft_dv=%5B%25ft_dv%25%5D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.40.148.48 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-40-148-48.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: f8eded175cd5dcfb9c2a05bd3b87782757466192e49961f1ecd28e5c3a7efc1f

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Dec 2023 04:53:18 GMT
Server: Flashtalking (AKA)
ETag: W/"a7c6b0bad69fa97e0942dcf5d8e68e04"
X-FT-Origin: us
Vary: Accept-Encoding
X-Varnish: 713934040
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=204
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15430
Expires: Fri, 08 Dec 2023 05:11:48 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame E8CF 699 B
732 B 236ms
130ms Script
text/javascript 34.149.43.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=186&ttfrms=6&brid=3&brver=120.0.6099.62&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BAU2%3F4r92%3A%3Fl9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTaua3g3g_ae75b76_74%60%60hc77a_a_g2ge4e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1702012104743660&jsCallback=dvCallback_1702012104743853&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.62%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5084&tgjsver=5084&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=11&brh=2&dvp_epl=201&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://reurl.cc/gaOWLp&c1=3060631&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0iiHPlrTZV1w_DO-3v2j1M4&aucrtv=489984004&auorder=1011537657&ausite=449233607217&auxch=1&aulitem=19996375611&pltfrm=1&aufilter1=3060631&autt=1&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=228097375.06283575&ee_dp_sukv=228097375.06283575&dvp_tukv=10561238007.746471&ee_dp_tukv=10561238007.746471&dvp_tuid=546954971112&jurtd=2554634429
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5084.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 0aa5fee57654ff2fb2cc0bdfe77bde9c0a4d1233bda254d11549e0e2a78f668a

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:24 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 12/07/2023 05:08:24

GET
H/1.1 200
OK j-4158900-4278386.js Show response
cdn.flashtalking.com/xre/415/4158900/4278386/js/ Frame 66E3 54 KB
16 KB 22ms
22ms Script
text/javascript 23.40.148.48
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/xre/415/4158900/4278386/js/j-4158900-4278386.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/115741;4158900;201;jsappend;DV360;DV360FY20EDUBEHInMarketJPDSKBAN300x250/?ftOBA=1&ft_domain=reurl.cc&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Freurl.cc%2FgaOWLp&us_privacy=${US_PRIVACY}&cachebuster=558587.2803705592&ft_dv=%5B%25ft_dv%25%5D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.40.148.48 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-40-148-48.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 39504cc2fb8204b838a70967aee44b53523ffe9ac310faf7258747118aa8e04d

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:24 GMT
Content-Encoding: gzip
Last-Modified: Tue, 05 Dec 2023 04:53:57 GMT
Server: Flashtalking (AKA)
ETag: W/"0af7a3886b2f842a98b8972d1075378d"
X-FT-Origin: us
Vary: Accept-Encoding
X-Varnish: 934287023
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=723
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15432
Expires: Fri, 08 Dec 2023 05:20:27 GMT

GET
H/1.1 200 d9core Show response
d9.flashtalking.com/ Frame 7C1C 11 KB
11 KB 600ms
76ms Script
application/javascript 3.112.170.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/d9core
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/415/4158900/4015257/js/j-4158900-4015257.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.112.170.251 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-112-170-251.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.56 () OpenSSL/1.0.2k-fips /
Resource Hash: c0e1d78151251a9ea8212fa34e7a19034fffe668b7099ed44b7b9685add9dca2

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:24 GMT
Server: Apache/2.4.56 () OpenSSL/1.0.2k-fips
ETag: 5bc31bf7d4a298e1bef9d35fce222bfc
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: d9.flashtalking.com
Content-Type: application/javascript;charset=utf-8
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 10813

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 7C1C 9 KB
4 KB 14ms
14ms Script
application/javascript 23.61.252.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115741&sid=18330&plc=4158900&num=&adid=&advid=&adsrv=29&btreg=4158900&btadsrv=flashtalking&crt=4015257&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=06F20F1F-7588-B5D2-C4C3-31B6A9C9706F&auevent=&890075057
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/415/4158900/4015257/js/j-4158900-4015257.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.252.81 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-61-252-81.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 77bcc9a2018d9882752571a1063ef8fdfdb22353f6dcf019be8d5eff94ee063f

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 09:57:43 GMT
Server: UploadServer
ETag: "acd98c72a3678fcc8c90582582f71fb9"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3638
Expires: Fri, 08 Dec 2023 05:23:24 GMT

GET
H/1.1 200
OK 4015257.gif
cdn.flashtalking.com/xre/415/4158900/4015257/image/ Frame 7C1C 77 KB
78 KB 36ms
22ms Image
image/gif 23.40.148.48
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/xre/415/4158900/4015257/image/4015257.gif?169000628
Requested by: Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.40.148.48 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-40-148-48.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 82ddcf504e891ea31eac36c9c2c68b0b210c48774017ea9d137dbe6d93f63368

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:24 GMT
Last-Modified: Mon, 28 Aug 2023 08:08:58 GMT
Server: Flashtalking (AKA)
ETag: W/"1babfc5d17f462687bf05332de63b974"
X-FT-Origin: us
X-Varnish: 930427698
Content-Type: image/gif
Cache-Control: max-age=1026
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79070
Expires: Fri, 08 Dec 2023 05:25:30 GMT

GET
H/1.1 200
OK iconc.png
secure.flashtalking.com/oba/icon/ Frame 7C1C 1 KB
2 KB 385ms
238ms Image
image/png 23.40.148.48
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by: Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.40.148.48 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-40-148-48.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:25 GMT
Last-Modified: Sat, 12 Apr 2014 19:14:31 GMT
Server: Flashtalking (AKA)
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
X-FT-Origin: us
X-Varnish: 394860326 286221358
Content-Type: image/png
Cache-Control: max-age=1656843
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1308
Expires: Wed, 27 Dec 2023 09:22:28 GMT

GET
H2 200 OamzGS1IZIY.css
static.xx.fbcdn.net/rsrc.php/v3/yY/l/0,cross/ Frame 520E 583 KB
141 KB 32ms
29ms Stylesheet
text/css 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yY/l/0,cross/OamzGS1IZIY.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9073c6e16fd%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff15261ffc304fb%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1345243609461164&locale=en_US&sdk=joey&show_text=false&width=280

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

f7676b05cfe6f02323719832d6cd76edd888df6ed67e502cf50de7c8362f3e8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: U8rJgYF0sEBwcAq+vVfMLA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 144179
reporting-endpoints
x-fb-debug: NGdg9VkaQU575KmhyMXtdUSDBz6RKTSYL44w2s4qFQUR1Lj/MjQdIndv9IomMiBYi+OhpSvAmK5LZu+8mkgyqA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 07 Dec 2024 04:07:27 GMT

GET
H2 200 PDrW5YVtlG7.css
static.xx.fbcdn.net/rsrc.php/v3/ye/l/0,cross/ Frame 520E 61 KB
13 KB 31ms
28ms Stylesheet
text/css 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ye/l/0,cross/PDrW5YVtlG7.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

91233986c502d6d056ddd1cd3cfb6161f96133ed2e7dcc316d0b873dee022cc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: YaYYGdCv5EofwTHfMAyAng==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13021
reporting-endpoints
x-fb-debug: 7gLGsKQHUgsy8Yuui0vReTggt3ai7m6zFC+kh2b+jAKR6fbmFkga5id8ye1TvxPsv4oZzQIW2/v1Zu8ifCBAUA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 22:16:05 GMT

GET
H2 200 dlkLFa46YZW.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 520E 354 KB
92 KB 28ms
25ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

71f58649cf37e2f58cfaa2eaa1f9e292c721ab462b6bd022dc9e5feb9b8b2ade

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: NiMIzZDBjvLmd+NhP7cSGQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 93678
reporting-endpoints
x-fb-debug: 5BefuGMEPUYtH2oF4nkETiXxlN7e00j1Jz0myC3Y0/1JfR4Fz4yq9qIeSHqaeRzgJrYWFatW3n+p+h4494AgRA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 06 Dec 2024 19:18:06 GMT

GET
H2 200 aQFKd1NFgFT.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/ys/l/en_US/ Frame 520E 90 KB
25 KB 41ms
37ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/ys/l/en_US/aQFKd1NFgFT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

2c3cb5a0833b9412d27f44e06a84fd797180b81e15e99af5d7d8ffa96d1f41e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QxtSbDtVvcAOcE+ucrAq9Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25845
reporting-endpoints
x-fb-debug: jO+fU1bq/xhgAakf9t7cqzRgLJyx+caiicp92I5iDsizvQRZH5r00j8PcRmluIEd1/z6MboCMpdrp7T5a6+7Cg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:30:20 GMT

GET
H2 200 QHVnRONrhhL.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAUQ4/yi/l/en_US/ Frame 520E 794 KB
193 KB 45ms
42ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAUQ4/yi/l/en_US/QHVnRONrhhL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

3836c4eb13a6f00d12429a48c0c7cec9a973b2e7c89d5e325680b4a4bfdfa923

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 2mWSikJub+eg3Ruq7H3XwQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 197009
reporting-endpoints
x-fb-debug: gw23sWZuWejJnOOUPWGbOZUj3eIH3rLAeTMIWc1UmPjL0dF9N9bVaMj51hMncmh8+IVBRvkG9yp5EK+n3O9ZAg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 07 Dec 2024 01:39:19 GMT

GET
H2 200 Ec8EdxuCpfW.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/ye/l/en_US/ Frame 520E 199 KB
51 KB 41ms
38ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/ye/l/en_US/Ec8EdxuCpfW.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

4df9b60b23dc99b2d8effa62273d522e2c879c50a288eee73784db7eb5016908

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Lxn1hApUWOKiQ2EZomVAdA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 51831
reporting-endpoints
x-fb-debug: UJkzDwMWPnFDYqheEr7XNPAznyyyvJ59c58Zk688LOx9QHZq+EqXVJspYCWHDEoEatXFZ7CwUYGQZDPX2jtdrA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 17:47:25 GMT

GET
H2 200 4r8pcxnOs4K.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame 520E 3 KB
1 KB 40ms
36ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/4r8pcxnOs4K.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

1ba731fa9f8276454a29bbb9afbf4595fa066f08935a762beceecc4749f90d5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GBf95XiiHK2guhZn2p/rAQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1277
reporting-endpoints
x-fb-debug: 6QG21lgkZ/mt0XOJQi7Nsq9PESmwZUFpDgeN1PsqkGyDIi/+Am1NptsqK158G4UBvDdCc0HLgi5ZDlP7lvd/aA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 21:47:09 GMT

GET
H2 200 GzNi5UO10uL.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yi/r/ Frame 520E 395 KB
86 KB 40ms
37ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yi/r/GzNi5UO10uL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

d0c0a6ab2e10cb4061ce00406e53dd6eec2f0753fd20883654b2c13349e088d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: B82MgG1Xe8DJYm99WEr4Ww==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87833
reporting-endpoints
x-fb-debug: e/v12MwpGcQe1wKAu6p/rCTUn0qx5AoPxcAkASB1H7w3urgDYIT45SCn5aX7x5W6UxFROpTGsvPJ3zBPtgNWmQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 20:12:59 GMT

GET
H2 200 w0yxjyrKD3l.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame 520E 32 KB
10 KB 43ms
41ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/w0yxjyrKD3l.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

4fdd04912129cdb8d227c0be200a5205ccbc49c6851594f80d1df0364ae5d1a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:24 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: cg00sn1NB+8BxdHomp/EuA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10464
reporting-endpoints
x-fb-debug: hd7w9p73ruvkvc7ASty/cTwGv+SFhAp+CEBg9oBswUKw8Cqn9xX1zui40ogPZov4V2STSqiIO/lNdo0y5x+wug==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:59:42 GMT

GET
H2 200 377225503_330964986465914_5662477588753664114_n.jpg
scontent-nrt1-2.xx.fbcdn.net/v/t15.5256-10/ Frame 520E 23 KB
23 KB 35ms
32ms Image
image/jpeg 157.240.31.5
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-2.xx.fbcdn.net/v/t15.5256-10/377225503_330964986465914_5662477588753664114_n.jpg?stp=dst-jpg_p280x280&_nc_cat=103&ccb=1-7&_nc_sid=869369&_nc_ohc=8H_ueoNp9gQAX-gHSqL&_nc_ht=scontent-nrt1-2.xx&edm=AOJO4v8EAAAA&oh=00_AfBAEPpJdLfvV9c2DrGaxAsXi8G221eI7IMyWaXAKOkogw&oe=65786B51
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9073c6e16fd%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff15261ffc304fb%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1345243609461164&locale=en_US&sdk=joey&show_text=false&width=280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 9f248f1796561327ef09a67e632ac351ed88a981f1af942cdd66faa4d6597413

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:24 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Fri, 08 Dec 2023 05:07:39 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=4046958039
thrift_fmhk: GBAMuFPr4+COCdGzK128jzcTFfDr4Z0EAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1490855268
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 23825

GET
H2 200 327240869_3055532101410791_2826010206684567699_n.jpg
scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/ Frame 520E 1 KB
1 KB 34ms
32ms Image
image/jpeg 157.240.31.5
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/327240869_3055532101410791_2826010206684567699_n.jpg?stp=cp0_dst-jpg_p74x74&_nc_cat=111&ccb=1-7&_nc_sid=4da83f&_nc_ohc=FKY1PBzWdBcAX-A0oHP&_nc_ht=scontent-nrt1-2.xx&edm=AOJO4v8EAAAA&oh=00_AfBkljMMuqGzSAT2VKdareK-f9ZKl_Xv78QjqGbSrKDRYA&oe=65783E7D
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9073c6e16fd%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff15261ffc304fb%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1345243609461164&locale=en_US&sdk=joey&show_text=false&width=280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 4b0d105254d128c213222b1622a49b34a17835b5b9ab56dfd8264cb15855d688

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:24 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 25 Jan 2023 22:37:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=89536745
thrift_fmhk: GBBzDXbwV7UKOVIgKrB9i5xtFeq3uckLAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1375935555
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1112

GET
H/1.1 200 d9core Show response
d9.flashtalking.com/ Frame 66E3 11 KB
11 KB 510ms
70ms Script
application/javascript 3.112.170.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/d9core
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/415/4158900/4278386/js/j-4158900-4278386.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.112.170.251 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-112-170-251.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.56 () OpenSSL/1.0.2k-fips /
Resource Hash: 33d5d5a8b1e2950a0fcccf3f06ef0416f7e8f2f5e229b308c41053a800b439f3

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:24 GMT
Server: Apache/2.4.56 () OpenSSL/1.0.2k-fips
ETag: 5bc31bf7d4a298e1bef9d35fce222bfc
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: d9.flashtalking.com
Content-Type: application/javascript;charset=utf-8
Cache-Control: private, must-revalidate, proxy-revalidate, max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 10814

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 66E3 9 KB
4 KB 91ms
90ms Script
application/javascript 23.61.252.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=1828362&cmp=115741&sid=18330&plc=4158900&num=&adid=&advid=&adsrv=29&btreg=4158900&btadsrv=flashtalking&crt=4278386&crtname=&chnl=&unit=&pid=&uid=&dvtagver=6.1.src&dvp_ftimpid=0AFAAFD7-AB0B-C255-1692-68126B0CDD89&auevent=&159133563
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/415/4158900/4278386/js/j-4158900-4278386.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.252.81 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-61-252-81.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 77bcc9a2018d9882752571a1063ef8fdfdb22353f6dcf019be8d5eff94ee063f

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 09:57:43 GMT
Server: UploadServer
ETag: "acd98c72a3678fcc8c90582582f71fb9"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3638
Expires: Fri, 08 Dec 2023 05:23:24 GMT

GET
H/1.1 200
OK iconc.png
secure.flashtalking.com/oba/icon/ Frame 66E3 1 KB
2 KB 362ms
237ms Image
image/png 23.40.148.48
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/iconc.png?EDAA_icon=y
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/415/4158900/4278386/js/j-4158900-4278386.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.40.148.48 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-40-148-48.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:25 GMT
Last-Modified: Sat, 12 Apr 2014 19:14:31 GMT
Server: Flashtalking (AKA)
ETag: W/"db320ef6f3c45ab5c90887ef618de2bb"
X-FT-Origin: us
X-Varnish: 394860326 286221358
Content-Type: image/png
Cache-Control: max-age=1656843
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1308
Expires: Wed, 27 Dec 2023 09:22:28 GMT

GET
H/1.1 200
OK 4278386.gif
cdn.flashtalking.com/xre/415/4158900/4278386/image/ Frame 66E3 88 KB
88 KB 99ms
76ms Image
image/gif 23.40.148.48
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/xre/415/4158900/4278386/image/4278386.gif?173012343
Requested by: Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.40.148.48 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-40-148-48.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 8858be9b4630362194f876af12bf491135b7a9a746be019cb14a490d9e3e6834

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:24 GMT
Last-Modified: Mon, 28 Aug 2023 08:01:45 GMT
Server: Flashtalking (AKA)
ETag: W/"bae13a9840ae5c3bc36f229e5e06e9e5"
X-FT-Origin: us
X-Varnish: 649271128 648731652
Content-Type: image/gif
Cache-Control: max-age=723
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 90001
Expires: Fri, 08 Dec 2023 05:20:27 GMT

GET
H/1.1 200
OK dv-measurements5084.js Show response
cdn.doubleverify.com/ Frame 2412 424 KB
101 KB 75ms
74ms Script
application/javascript 23.61.252.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements5084.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.252.81 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-61-252-81.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: dee10fdcd26b484406619a49a9148dc00d73e2520c9c80aa1ff9489279d874c4

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 08:15:00 GMT
Server: UploadServer
ETag: "c3585554306d55af8af83ddde3306ca6"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102698
Expires: Sat, 07 Dec 2024 05:08:24 GMT

GET
H/1.1 200
OK dv-measurements5084.js Show response
cdn.doubleverify.com/ Frame CA2A 424 KB
101 KB 105ms
104ms Script
application/javascript 23.61.252.81
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements5084.js
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.61.252.81 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-61-252-81.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: dee10fdcd26b484406619a49a9148dc00d73e2520c9c80aa1ff9489279d874c4

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:24 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Dec 2023 08:15:00 GMT
Server: UploadServer
ETag: "c3585554306d55af8af83ddde3306ca6"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: no-transform, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102698
Expires: Sat, 07 Dec 2024 05:08:24 GMT

GET
H/1.1 200
OK consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame 7C1C 6 KB
6 KB 220ms
33ms Image
image/png 23.40.148.48
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by: Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.40.148.48 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-40-148-48.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:25 GMT
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Server: Flashtalking (AKA)
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
X-FT-Origin: us
X-Varnish: 137344570 137150713
Content-Type: image/png
Cache-Control: max-age=937
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5953
Expires: Fri, 08 Dec 2023 05:24:02 GMT

GET
H/1.1 200
OK consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame 66E3 6 KB
6 KB 202ms
38ms Image
image/png 23.40.148.48
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/415/4158900/4278386/js/j-4158900-4278386.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.40.148.48 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-40-148-48.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:25 GMT
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Server: Flashtalking (AKA)
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
X-FT-Origin: us
X-Varnish: 137344570 137150713
Content-Type: image/png
Cache-Control: max-age=937
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5953
Expires: Fri, 08 Dec 2023 05:24:02 GMT

GET
H2 200 vwOUmvzU_7P.png
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 520E 4 KB
4 KB 84ms
84ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/vwOUmvzU_7P.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yY/l/0,cross/OamzGS1IZIY.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

3a4fda7b449ddfa3b11ceb4c715c4c2f042e2cc1949701deb1fb8098d02b9b47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yY/l/0,cross/OamzGS1IZIY.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:25 GMT
x-content-type-options: nosniff
content-md5: 9RIU8QDS6FQcM7h01mnrGg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4152
reporting-endpoints
x-fb-debug: zHMyKqcSy28Sp2xthRGD/Y/Yg21tSeJagAbem8To+GuOalz2HymvgnPqj6c57Usz/yo0MA9L9cZbSkZJgzz3qA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 20:18:11 GMT

GET
H2 200 327240869_3055532101410791_2826010206684567699_n.jpg
scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/ Frame 520E 1009 B
1 KB 75ms
74ms Image
image/jpeg 157.240.31.5
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent-nrt1-2.xx.fbcdn.net/v/t39.30808-1/327240869_3055532101410791_2826010206684567699_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=111&ccb=1-7&_nc_sid=4da83f&_nc_ohc=FKY1PBzWdBcAX-A0oHP&_nc_ht=scontent-nrt1-2.xx&edm=AOJO4v8EAAAA&oh=00_AfCeAXnhZy28b9qVvylHDfnkyq23FPALjMA9TXAmVTkbUw&oe=65783E7D
Requested by: Host: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9073c6e16fd%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff15261ffc304fb%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1345243609461164&locale=en_US&sdk=joey&show_text=false&width=280
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.5 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: xx-fbcdn-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: ac516a9085241005aad07c254f56a285f09679eade6ff1f41971914c84ecdde3

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:25 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 25 Jan 2023 22:37:54 GMT
content-type: image/jpeg
access-control-allow-origin: *
content-digest: adler32=4229300007
thrift_fmhk: GBBzDXbwV7UKOVIgKrB9i5xtFeq3uckLAA==
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1375935555
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 1009

GET
H2 200 av Show response
ad.holmesmind.com/adserver/ Frame 2582 0
152 B 74ms
74ms Script
text/html 54.95.167.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/av?p=14210:107102:202630:be766b44e645861c191d6e386f1189d5:22990&type=1
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.167.198 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-167-198.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:25 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1 502
Bad Gateway visit.js
tps.doubleverify.com/ Frame 2412 0
0 3179ms
3178ms Script
text/html 34.149.43.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=313&ttfrms=4&brid=3&brver=120.0.6099.62&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BAU2%3F4r92%3A%3Fl9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTaua3g3g_ae75b76_74%60%60hc77a_a_g2ge4e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=2222&ddur=15&uid=1702012105184488&jsCallback=dvCallback_1702012105184106&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.62%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5084&tgjsver=5084&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=11&brh=2&dvp_epl=201&noc=4&nav_pltfrm=Win32&ctx=1828362&cmp=115741&sid=18330&plc=4158900&crt=4015257&btreg=4158900&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=06F20F1F-7588-B5D2-C4C3-31B6A9C9706F&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=130538183295.81459&ee_dp_sukv=130538183295.81459&dvp_tukv=553133064750.7052&ee_dp_tukv=553133064750.7052&dvp_tuid=195447452089&jurtd=74810111
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5084.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

GET
H2 200 3_USCBHvE2b.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame 520E 23 KB
8 KB 238ms
236ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/3_USCBHvE2b.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

5609dbd6bd5496a114ca913530c2dd0aecff8502646c438db58251345eda9545

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: H4RWJCeXQm3W0cqxGvzvfQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 7662
reporting-endpoints
x-fb-debug: cwwi5ONWIWCDLJqX14k71VzTSdP0J+GFWf1b2HB+hCJ1LFlWSOfPJ+ZsXqNhiKOE+ski2lkPS2VJC9Vk0KVVng==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 29 Nov 2024 02:42:10 GMT

GET
H2 200 TDpNj7olbQz.js Show response
static.xx.fbcdn.net/rsrc.php/v3iyB-4/yE/l/en_US/ Frame 520E 724 KB
158 KB 237ms
236ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iyB-4/yE/l/en_US/TDpNj7olbQz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

3dc6787de4b1097650e4fc18a14d735fbb8e09c5a8159ece51c16593c8cec0e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: MeMa4i99MCmxCrMgT75kUg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 161882
reporting-endpoints
x-fb-debug: 6SEACzL07iLFeMRPZOjp1+1LSsDqcACal+lmv2JLLBDvv5PwBV7cIRd+1zbXQFbmKpuPDSGxqh+ul03q8Z+R+Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 17:08:02 GMT

GET
H2 200 QQEU1-TaC4N.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 520E 2 KB
1 KB 113ms
111ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/QQEU1-TaC4N.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uDyhM5TI+HxzvqrjM1/g4w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 898
reporting-endpoints
x-fb-debug: jpXegtyhSt0SkZh6ookROgivzVIO0W15/waLWFSNQ7QKBIJGAljllPQiLvoIFHpO9WyoNNGPdoqNHb90wovzKw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 27 Nov 2024 18:22:49 GMT

GET
H2 200 mTbMxtm1CtJ.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEBX4/y4/l/en_US/ Frame 520E 18 KB
6 KB 114ms
113ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEBX4/y4/l/en_US/mTbMxtm1CtJ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

1a5bfbcea37051b69ffb51494bca539b16ef2d969086bf4abdef636fc5943679

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: JrZuwm1IGLe7IQAoNDgKDA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6379
reporting-endpoints
x-fb-debug: RwC9bbMgxx1+BpkElfmyRjUqh4FUYuq7WljQwcKREAtlyglHZabSr0JPMyZwBF5MoVQsBJQmCtaPJTS1IiLoPQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 27 Nov 2024 21:12:59 GMT

GET
H2 200 HzxD9aAXSyD.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 520E 55 KB
15 KB 113ms
112ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/HzxD9aAXSyD.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: oRcNmPqvdkv3ysBSBC5rSQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15157
reporting-endpoints
x-fb-debug: caFcZax7wDhvHTxTdGJLpexAbHOkMnL2LXYNiiz53AZOhHalTaJJwcnCGl6FlWXXkIE5uUDpAY+UvGwH1VUjlw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Wed, 27 Nov 2024 19:20:18 GMT

GET
H2 200 14huexud5ZL.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 520E 349 KB
68 KB 113ms
113ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

9e11962c066339f200a342dfdecd23dab603951d49189e9e84723f3cc2008a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Mrpr55hdtBvcwKZxKOzblg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 69594
reporting-endpoints
x-fb-debug: Wcr9FDXKWcc35s9z3eKPaDyt1uJX9/8uUZbLaR7unZXt/w4dGL9JVp9XvWKn/d+T85Xo/2hVzFFBcSeMSSUlgA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 07 Dec 2024 00:49:00 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame CA2A 2 KB
1 KB 124ms
123ms Script
text/javascript 34.149.43.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=336&ttfrms=5&brid=3&brver=120.0.6099.62&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BAU2%3F4r92%3A%3Fl9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTaua3g3g_ae75b76_74%60%60hc77a_a_g2ge4e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=2239&ddur=91&uid=1702012105301398&jsCallback=dvCallback_1702012105301300&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.62%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5084&tgjsver=5084&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=11&brh=2&dvp_epl=201&noc=4&nav_pltfrm=Win32&ctx=1828362&cmp=115741&sid=18330&plc=4158900&crt=4278386&btreg=4158900&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=0AFAAFD7-AB0B-C255-1692-68126B0CDD89&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=228097375.06283575&ee_dp_sukv=228097375.06283575&dvp_tukv=10049364070.828304&ee_dp_tukv=10049364070.828304&dvp_tuid=260863765047&jurtd=875725714
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5084.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: b78108bba371998956e5b2af4ebd941f4b53facd3e18feb389844ca25520d3e5

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:25 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Expires: 12/07/2023 05:08:25

POST
H/1.1 200 lgc Show response
d9.flashtalking.com/ Frame 66E3 118 B
774 B 75ms
75ms XHR
application/json 3.112.170.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/lgc
Requested by: Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.112.170.251 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-112-170-251.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.56 () OpenSSL/1.0.2k-fips /
Resource Hash: 805d0eb2cea428ff67346b3767abff28daded90b51c4cfffa712c85f891e1c20

Request headers

Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 08 Dec 2023 05:08:24 GMT
Server: Apache/2.4.56 () OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
Content-Type: application/json;charset=ISO-8859-1
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 118

GET
H2 200 744480944374037.mpd Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/dash-abr3/ Frame 520E 11 KB
2 KB 423ms
22ms Fetch
application/dash+xml 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/dash-abr3/744480944374037.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfBsLASjkgsE8ecOXVZGZpvW3KBt8WzfJN_buqU7B2-NUA&oe=6574533C
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: d29329513ba84a542d20f010d69ba5faef25c745d711d2a157d9ace3b62d01a8

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:25 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1702012104
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
x-fb-latest-segment-ts: 4129718
alt-svc: h3=":443"; ma=86400
content-length: 1563
x-fb-origin-hit: 1
etag: 0d0e3a19f96a0d1f6060307ff91a1690
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
accept-ranges: bytes
timing-allow-origin: *

POST
H2 200 / Show response
www.facebook.com/video/unified_cvc/ Frame 520E 270 B
380 B 173ms
173ms XHR
application/x-javascript 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/video/unified_cvc/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7M54/ys/l/en_US/aQFKd1NFgFT.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

6c5c2f5471b4fc1f8eb970865aa9206cbf1d6d4d34efce83e6c693def24543fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: zjV_U8mNeM2Z2sTZ8MmnVF
Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9073c6e16fd%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff15261ffc304fb%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1345243609461164&locale=en_US&sdk=joey&show_text=false&width=280
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 08 Dec 2023 05:08:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: Km/kJ4EgDL8wxHSiKtMErJrtTyF9eIY6aUE5BTL41NKw+e7mOnNJbRtAvRCP7SkDhmY41sGrkM2jkPL7K1+Wfw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200 lgc Show response
d9.flashtalking.com/ Frame 7C1C 103 B
759 B 45ms
44ms XHR
application/json 3.112.170.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/lgc
Requested by: Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.112.170.251 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-112-170-251.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.56 () OpenSSL/1.0.2k-fips /
Resource Hash: 34bae4c4f1b77136c33653279be2487af1ab4ab6772543fda9f2df89a38e7082

Request headers

Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Fri, 08 Dec 2023 05:08:25 GMT
Server: Apache/2.4.56 () OpenSSL/1.0.2k-fips
Access-Control-Allow-Methods: GET,POST,SERVER
P3P: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Access-Control-Allow-Origin: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
Content-Type: application/json;charset=ISO-8859-1
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 103

GET
H/1.1 200 img.png
d9.flashtalking.com/img/ Frame 66E3 70 B
326 B 56ms
56ms Image
image/png 3.112.170.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9.flashtalking.com/img/img.png?cnx=c629be24a4f9823a2ddd272033019425
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.112.170.251 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-112-170-251.ap-northeast-1.compute.amazonaws.com
Software: Apache/2.4.56 () OpenSSL/1.0.2k-fips /
Resource Hash: f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:24 GMT
Access-Control-Allow-Credentials: true
Server: Apache/2.4.56 () OpenSSL/1.0.2k-fips
Connection: keep-alive
Content-Length: 70
Access-Control-Allow-Methods: GET,POST,SERVER
Content-Type: image/png

GET
H/1.1 200
OK /
servedby.flashtalking.com/state/4158900;4278386;0;401;0AFAAFD7-AB0B-C255-1692-68126B0CDD89/ Frame 66E3 42 B
343 B 35ms
35ms Image
image/gif 2.18.148.226
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servedby.flashtalking.com/state/4158900;4278386;0;401;0AFAAFD7-AB0B-C255-1692-68126B0CDD89/?ft_data=d9:338391009cd64096a14640e3b73f781e;d9s:338391009cd64096a14640e3b73f781e&cachebuster=966736064

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.148.226 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-148-226.deploy.static.akamaitechnologies.com

Software

prod-xre-app10.tky11 /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:25 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app10.tky11
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 42
Expires: Fri, 08 Dec 2023 05:08:25 GMT

GET
H/1.1 200
OK /
servedby.flashtalking.com/state/4158900;4015257;0;401;06F20F1F-7588-B5D2-C4C3-31B6A9C9706F/ Frame 7C1C 42 B
342 B 72ms
72ms Image
image/gif 2.18.148.226
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servedby.flashtalking.com/state/4158900;4015257;0;401;06F20F1F-7588-B5D2-C4C3-31B6A9C9706F/?ft_data=d9:338391009cd64096a14640e3b73f781e;d9s:338391009cd64096a14640e3b73f781e&cachebuster=325332041

Requested by

Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.18.148.226 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-18-148-226.deploy.static.akamaitechnologies.com

Software

prod-xre-app9.tky11 /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:25 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app9.tky11
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 42
Expires: Fri, 08 Dec 2023 05:08:25 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7C1C 42 B
108 B 66ms
66ms Fetch
image/gif 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNFYfTfVuNiG5dCHNucZeD-h4CSAbwNvGWKLnuBfgLxIEp7wFA_eMx2wtQaL_PFb7ecJPwYcLaEDTgI4d2QCTriH2lPvBMcXrHlPsFG8IcAJkjHjsf60r4babDth11e5KeHkvbhEmDSg&sai=AMfl-YQ53O4BYcGJCd5K_szZPZ3Xa9IkGR9Fx8uzNms8T7pCXypMLuqJRb9J8z2ISBLDA2NJW9PdkO16o7YKHDfY3ZLLsMtskd-0MWV43jRSAogo2mUjoHlnQpxHMkmr73Tv1y7DRytaIdX-naAnLUp0BRX7dWCCp_vqNh8&sig=Cg0ArKJSzOsIOpeCQ0q1EAE&cid=CAQSTgDICaaN0d2aQy5qOI-e1yMganI-l9Ec2Fzgf5ix-hYvRgZ6tAKxXPADNPWbmujLRedgAuoA7QRKT1WaLLdxqcn0Rrl3_1TiKVHD6c2nCxgB&id=lidar2&mcvt=1020&p=108,1030,358,1330&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1451399479&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702012102620&rpt=1923&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ag-Kz-WMvnK.png
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 520E 330 B
522 B 35ms
34ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/ag-Kz-WMvnK.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ye/l/0,cross/PDrW5YVtlG7.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

45445cdb742ba713feadbb749a2328f90698cc052372bb736682afcb5e7c6345

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/ye/l/0,cross/PDrW5YVtlG7.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:25 GMT
x-content-type-options: nosniff
content-md5: eAFd0hA109+Saq2CKxwDiw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 330
reporting-endpoints
x-fb-debug: GxdUAOfEy1PfUoL3RuOqDa774LyuOTBOSQYHb51/huBvPiAU77dukEIPpHkj4o0h9Ca5DSchEsRr/xS/8+N5iA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 03 Dec 2024 18:36:55 GMT

GET
H2 200 gDitvOzbw6T.png
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame 520E 8 KB
8 KB 35ms
35ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/gDitvOzbw6T.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ye/l/0,cross/PDrW5YVtlG7.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

9d5497521bfc84947a23dd5687f8629f34ce7d1dd3d37cc83d9c6f14d2af0cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/ye/l/0,cross/PDrW5YVtlG7.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:25 GMT
x-content-type-options: nosniff
content-md5: Mgl5lSWRJJAq6dF2coyXXQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 8119
reporting-endpoints
x-fb-debug: MiIESDksxEr+EA7iBRCrq/vskl5LHcxydYy+fLuLeFgpDZPpD6VSdxFJZ4TDgThhqv+LDxxmgAx89YAuVyYFQQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 18:33:16 GMT

GET
H2 200 SWhawEjeLCn.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 520E 3 KB
3 KB 39ms
38ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/SWhawEjeLCn.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/ye/l/0,cross/PDrW5YVtlG7.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

01a33f0ff59e28cd463d425548a593e150506f7f0d1c958403bae903f5e8e2e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/ye/l/0,cross/PDrW5YVtlG7.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:25 GMT
x-content-type-options: nosniff
content-md5: /zrKWNzqQF1I3EnT4Zj6CQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3327
reporting-endpoints
x-fb-debug: IBZXp7Jc9znas/NjePHIOpq60lAf8MqJ/ybFtD4q5qQoAcForrP6orMMJSMdfiv4rjFpJ8c5T6hGBSsQqxtGog==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sun, 24 Nov 2024 18:08:46 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 66E3 42 B
108 B 55ms
55ms Fetch
image/gif 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtAoaGSocTAVax-XL7wEV6MwSd883_rf5scZF7cFA8LS17H2LNO1OjmPP_QB8zo0RfVSjAvenutGDW-kfYXOuXXBs0qZs9K7vCucPadAn28Ty7ERUR_O1nnmK9GmB5w3OJIJNb8_z9zg&sai=AMfl-YT5A6NpCNLypSJeSnutYC0Jdc6_5JJafUm-xgMEXjfz9fuz_21MAVwqx8eDRGkR7ntH4vd6aQmud95mxDn__Fi1JGmKvsWCnOBhL2eilBIOF5F-oyKYkHhht114N3e3VPnmsRDUFZnnxi0NkoS3YTMccfPAOdC7J7Q&sig=Cg0ArKJSzKRfwESG22SWEAE&cid=CAQSTgDICaaN0d2aQy5qOI-e1yMganI-l9Ec2Fzgf5ix-hYvRgZ6tAKxXPADNPWbmujLRedgAuoA7QRKT1WaLLdxqcn0Rrl3_1TiKVHD6c2nCxgB&id=lidar2&mcvt=1000&p=108,270,358,570&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=827794272&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702012102628&rpt=1961&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1A3E
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=truvid&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east

281 B
554 B

87ms
46ms

Document
text/html

23.40.149.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-40-149-60.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 08 Dec 2023 05:08:25 GMT
ETag: "20525-119-60930cbd3cec0"
Last-Modified: Thu, 02 Nov 2023 19:57:23 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Fri, 08 Dec 2023 05:08:25 GMT
location: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
server: AkamaiGHost

GET
H/1.1 200 auto-user-sync
ads.stickyadstv.com/ 43 B
497 B 412ms
200ms Image
image/gif 139.99.123.206
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/auto-user-sync?_fw_gdpr=0&_fw_gdpr_consent=
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 139.99.123.206 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS: ads2-sgp.stickyadstv.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:25 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
x-sticky-vk: 1702012105960097-46

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=2545&_fw_gdpr=0&_fw_gdpr_consent=
https://s.amazon-adsystem.com/ecm3?id=da92ae8ff658b34bda3f11181f6d4&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

43 B
479 B

791ms
354ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=da92ae8ff658b34bda3f11181f6d4&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:26 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 9TXQWJQ8T1MS9S8GJDNC
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:26 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://s.amazon-adsystem.com/ecm3?id=da92ae8ff658b34bda3f11181f6d4&ex=freewheel.tv&gdpr=0&gdpr_consent=&userId=&_fw_gdpr=0&_fw_gdpr_consent=
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1702012105994049-46

GET
DATA 200
OK truncated
/ 13 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bridge3.608.2_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4B63 750 KB
240 KB 15ms
14ms Document
text/html 142.250.199.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.199.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f10.1e100.net

Software

sffe /

Resource Hash

5cb453452cb7f5355d1d91b93b3305ab04e5d25a8fc005aeb0031c22ad75e283

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 22898
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 245949
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 22:46:47 GMT
expires: Fri, 06 Dec 2024 22:46:47 GMT
last-modified: Wed, 06 Dec 2023 01:36:01 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 586ms
126ms Script
text/javascript 142.250.207.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s11-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Dec 2023 05:08:26 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2C8C 40 KB
14 KB 39ms
39ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 04:27:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2435
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 08 Dec 2023 05:27:50 GMT

GET
H2 200 v.php Show response
stg.truvidplayer.com/v5.832/ 190 KB
14 KB 363ms
363ms XHR
text/xml 143.204.86.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/v5.832/v.php?st=xm9SsTlOAoPiXmYFnRB7pg&e=1702098503&ver=5.832&adid=4ad3f81f4762f259d311060e3bb84c5f599cb178&videoUrl=https://vid1250.trvdp.com/media/9b2e3ca9de9344fdeebd980ccf9ed4d17a028c2d/hls/9b2e3ca9de9344fdeebd980ccf9ed4d17a028c2d.m3u8&height=360&width=640&pageHref=https%253A%252F%252Freurl.cc%252FgaOWLp&videoId=9b2e3ca9de9344fdeebd980ccf9ed4d17a028c2d&d=reurl.cc&wid=7942&suid=1250&env_browser=Chrome%20120.0.6099
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.832/float.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.86.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-90.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: e7035ccf480f22d61ad1a30a6fea5d4cab95f70a76194bcc267e63c51aa1e7d5

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:25 GMT
content-encoding: gzip
via: 1.1 3326ced070f64c37ff4d732ed8d8fe38.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: NRT12-C2
x-cache: Miss from cloudfront
content-type: text/xml;charset=UTF-8
access-control-allow-origin: https://reurl.cc
access-control-allow-credentials: true
x-amz-cf-id: 9ZbvBGtgpcQ_3cuLpqj2JUBYFkwiqlHruJCBJxrXMIi0MVZ5UPLeIg==

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 444ms
444ms Image
text/plain 3.234.113.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=mPut764fUMpXLz68l07m6fVoRPMoVHtUz0Kl3qdxahREBuCk5Yye2F2RcUPNfzydF5ORMjhTGXjjqFYOcW8Cd/K7rmz9kbSDcaXZRbuF6XCFdt6gLz6wydZKNMI3pcvStsqHlStEMl4nDjt9bUpyD0jotVgY37AkQlqT4THHqgbd2+mANshl7CejErH0V/I5wG5M/fDwYGSq4ssup0Y8TH0wcoXjOpdJe1AvFvpo2FE/OdRTAcGpdRMvTzNcDOfTA8fX5nWOZw8Xo53Xfao6xDmT81iVHua2bwCEeCPbNWIMDqi1XhYt8qzxvmWzUl12&cb=04395995
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.113.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-113-32.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:25 GMT
server: nginx/1.6.2

GET
H2 200 744480944374037_0-init.m4v Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/dash-lp-qd-v/ Frame 520E 657 B
1 KB 22ms
22ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/dash-lp-qd-v/744480944374037_0-init.m4v?ms=m_CL&ccb=2-4&sc_t=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 4d5814d56998e79b1e45795f1f23c9d73c5174109bfed2c57bd42102e6f415f2

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:25 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 657
x-fb-origin-hit: 1
etag: 5d7ba64d6b9beb5f3fe4140611ff2400
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 4
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-qd:0816

GET
H2 200 744480944374037_0-init.m4a Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/dash-lp-md-a/ Frame 520E 598 B
704 B 45ms
44ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/dash-lp-md-a/744480944374037_0-init.m4a?ms=m_CL&ccb=2-4&sc_t=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 650c5f605c2706575823936c7fa0ee6026089b324d5fcd2d873b96d40f5307e6

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:25 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 598
x-fb-origin-hit: 1
etag: 1deddc84d4e03fa04143cbee5ad9e19a
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 3
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-md:0814

GET
H2 200 744480944374037_0-2049.m4v Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/ Frame 520E 40 KB
40 KB 37ms
37ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/744480944374037_0-2049.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: cfdc54476399fb550e2771333a7f015fe5e36a107e582df87092fc1c88b5fde1

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:25 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 41125
x-fb-first-keyframe-offset: 4392
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 3
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-qd:7874

GET
H2 200 744480944374037_0-2049.m4a Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/ Frame 520E 18 KB
18 KB 109ms
108ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/744480944374037_0-2049.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 3baaa30865dd2e58abab36c985cc30d8abab9a95635e06dead6481f74ac7b283

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:25 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 17953
x-fb-first-keyframe-offset: 356
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 3
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-md:7895

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1A3E 46 KB
13 KB 36ms
35ms Script
text/html 23.40.149.60
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.40.149.60 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-40-149-60.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: da0f675c3f128557e0b6e65cf22fb3841341b3496e50a90e9b8e1c8c01ee5801

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/usync.html?p=truvid&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 05:08:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Dec 2023 02:17:48 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=76128
Connection: keep-alive
Content-Length: 13232
Expires: Sat, 09 Dec 2023 02:17:13 GMT

GET
H2 200 hEMKKmOYzQt.js Show response
static.xx.fbcdn.net/rsrc.php/v3i_nv4/yf/l/en_US/ Frame 520E 278 KB
62 KB 33ms
32ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i_nv4/yf/l/en_US/hEMKKmOYzQt.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

4a91cc3d7f0943cabdd61ca1ff8f5e4747c2e81349fbc490de26380a4d817733

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: l/edax+DGCft42NvWht7yA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 63759
reporting-endpoints
x-fb-debug: 1JSPOzEfuiWqeFW4JVIbYhFwz00DostQU8tPQhNoF/MkTmLMlBfyqK1+CQxPbtm/X9WpO6I38x3TD14sWdxm+w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 06 Dec 2024 21:31:42 GMT

GET
H2 200 6WBLoY8mozM.js Show response
static.xx.fbcdn.net/rsrc.php/v3i3qK4/yP/l/en_US/ Frame 520E 3 MB
535 KB 151ms
150ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i3qK4/yP/l/en_US/6WBLoY8mozM.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

0da91bddc43ad6a7d3308447ca11927e53a09c7bb055d224ce0e0c1f661f5ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6RgmnqBOF++z8OFAKx6ABg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 547494
reporting-endpoints
x-fb-debug: mHUnbYkDe26ArNm7l+VzlSiJcyjpVLLUCdGQO2ua2SQzccwcmcRWwKZgLw66WP5xVmPh6sXrmuE+XLuxNBdgzg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 07 Dec 2024 04:45:16 GMT

GET
H2 200 Gk83t0kkPyo.js Show response
static.xx.fbcdn.net/rsrc.php/v3inoo4/ym/l/en_US/ Frame 520E 336 KB
79 KB 37ms
35ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3inoo4/ym/l/en_US/Gk83t0kkPyo.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

4c3de058e3988d127b109f3c6b6fb7d71e71440bc4a3af4770960cd20948d53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6YcOgn0RZiBql3YL1FO2nA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 80868
reporting-endpoints
x-fb-debug: ueTIsdocp+5fPvA32k+ysmlkl5cfVjnM5Ed7TeC+xnU2Xod9JREGi13oC96nqC7/7UD0EY5rJBURuyOB6WYfnQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 07 Dec 2024 04:45:16 GMT

GET
H2 200 Cf8jcTzOUp9.js Show response
static.xx.fbcdn.net/rsrc.php/v3iuWr4/yC/l/en_US/ Frame 520E 26 KB
7 KB 31ms
30ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iuWr4/yC/l/en_US/Cf8jcTzOUp9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

208cd6c1ec51a2737c544e3da4166eb917333e9dd588841e599143f7f083de85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wu8OzYuRZpaUCFL3HzI4JQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6798
reporting-endpoints
x-fb-debug: hkgBEdla2Qlnx3zAkaqNCqIf0J0E8IJQ5qNhLOsFLQBbesjCPm5B/ysKUcJHu0mH9rrwYsZFonje49Jn6Ap5xw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 28 Nov 2024 23:51:42 GMT

GET
H2 200 F4j9B2xJ1Ib.css
static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/ Frame 520E 4 KB
1 KB 31ms
30ms Stylesheet
text/css 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/F4j9B2xJ1Ib.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

ea76b764cc79e34aacb5473f624f54f6da49da1d10b00cb931075a6bd0d38c32

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: /gOrTztJymIBgB0hri867Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1208
reporting-endpoints
x-fb-debug: l6rBK5YqtAUDnSaG5JTjegirVvk8buCEbP2ZfC6O7IaOvqzQk/j52kr3Ncjmmr4kR4j9yNfE4t+imKRMrz1+cw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 06 Dec 2024 03:49:49 GMT

GET
H2 200 9dN_FA4mMHO.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/yV/l/en_US/ Frame 520E 7 KB
3 KB 32ms
31ms Script
application/x-javascript 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yV/l/en_US/9dN_FA4mMHO.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

1cdfea8482ec87dbfecfc0b3914b3e9d90e2c32f7f601261cc79369092894312

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: m6Kjybcr8DtynOk5chZEYA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2768
reporting-endpoints
x-fb-debug: VNzuYkKfMSHoOqnyAQMwRL+rk8NO8Mr4wzGtPblnntKYGWvyVZP0yT020Wa2CPkR1y/hSBAqylyOzLMVzFVYSQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 05 Dec 2024 18:28:16 GMT

GET
H2 200 X_EhxW4Quy4.css
static.xx.fbcdn.net/rsrc.php/v3/yc/l/0,cross/ Frame 520E 20 KB
5 KB 33ms
32ms Stylesheet
text/css 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yc/l/0,cross/X_EhxW4Quy4.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

669f1bd492f3e253163afa6786b377ce0026c5ae959c90ffcbc3a81c867dd738

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: w1adhR2MXewZn4zKJ+ODJw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5185
reporting-endpoints
x-fb-debug: 2qEwFlX4nMf07nxsA4KwLtInz8y+DRkMXkkzSy60aMG17i6NNCFofxR0LWgXdBrlDXNrx1tuxdm/lk3vZWRFcg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 29 Nov 2024 18:02:59 GMT

GET
H2 200 RBd9zOUieH7.css
static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/ Frame 520E 47 KB
10 KB 30ms
29ms Stylesheet
text/css 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/RBd9zOUieH7.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

431486b008ef8dcacc621c3f8fd446b9a43db474fc6e1766b4189d71984acfa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:25 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: QDW3Rfz0SFYiygPDvO4N+w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10209
reporting-endpoints
x-fb-debug: CUZwAMgPJ9PHLYWMQ79rqh4M8phkoMs356PJ1ipP2jYoMbe/bLg9sIwXUgaq9dshRm+oAxhBpGez2pedgNyCUw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 06 Dec 2024 20:11:07 GMT

GET
H2 200 / Show response
www.facebook.com/ajax/bootloader-endpoint/ Frame 520E 14 KB
3 KB 212ms
211ms XHR
text/javascript 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/ajax/bootloader-endpoint/?modules=VideoSettingsControl.react&__user=0&__a=1&__req=2&__hs=19699.BP%3Aplugin_video_pkg.2.0..0.0&dpr=1&__ccg=EXCELLENT&__rev=1010293015&__s=%3A%3A6drdjk&__hsi=7310086324266958708&__dyn=7xeUmKewgUng5KbwKBAodo6C2i5U4e1Fx-ewPG323616whoS2S2bwmo3vx60Vo8olwe21wKE4W15w8i0KEswIwuo667Uy1nzUmw5Cx62G3i0ha2l2Utw78waOfwbK0RE5a1qw8W5U4q0HUvw4Jwp8ow46wbS1Lwqo2Ywcq0mW&__csr=&locale=en_US&__sp=1

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

513d93762ca937b110ca92cf7db91c335eda59630a8fa15c6a0acaaf7538c37e

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9073c6e16fd%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff15261ffc304fb%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1345243609461164&locale=en_US&sdk=joey&show_text=false&width=280
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Fri, 08 Dec 2023 05:08:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: l2OZ/jXNda6lIf36sP1cdPV9GjXidWK90Ko5EIO9m+0fZYewONZGIbzQFXH8vN7Z3OYmwBMs8NAyPxRPaXBHCA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-cache, no-store, must-revalidate
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/video/unified_cvc/ Frame 520E 270 B
347 B 432ms
430ms XHR
application/x-javascript 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/video/unified_cvc/

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7M54/ys/l/en_US/aQFKd1NFgFT.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

124683208e6ba54f08ac61854fa8eb5f75b91a78d8b05917c7a12403cbffe095

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: zjV_U8mNeM2Z2sTZ8MmnVF
Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9073c6e16fd%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff15261ffc304fb%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1345243609461164&locale=en_US&sdk=joey&show_text=false&width=280
X-ASBD-ID: 129477
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 08 Dec 2023 05:08:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: RhSHTi7U4DZ9oFAOwlgPHKE1w2JaQzKksNbilz1sfUnHFrA1NtOcN2lMUwXFXz8cskm1wjZ35Vl5FPK8vUjULw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-methods: OPTIONS
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
access-control-allow-credentials: true
vary: Origin, Accept-Encoding
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 1A3E 7 B
775 B 733ms
125ms XHR
application/json 8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: dbbc2dbf689859fb5870b364473d5441
Expires: 0

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 199ms
190ms Image
text/plain 3.234.113.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=mPut764fUMpXLz68l07m6fVoRPMoVHtUz0Kl3qdxahSgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HL/umX/Gj+X3gT/9Zx0Wb7snSsiXFI2SEafz+jxZGwyeY3FvW+bT4cNhvI/9VSXFmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mCkOE5BnAs42POGAyW6MitTrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YG23K/bBcrK0Sx7fxwrxMYwWkv9dLqfckNS24XYsUW3/bCssTHAQMFf9VT/pvZlQ+AOouGsM95za/c6mIaF/Mo8UQ1ZNFclDVuHLZ13dMOayISywq/NBJGBb30h00bl9groR7DxHNthtHOev6mBy+mA==&cb=14492096
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.113.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-113-32.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:26 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 374ms
374ms Image
text/plain 3.234.113.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=mPut764fUMpXLz68l07m6fVoRPMoVHtUz0Kl3qdxahSsXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HL/umX/Gj+X3gT/9Zx0Wb7snSsiXFI2SEafz+jxZGwyeY3FvW+bT4cNhvI/9VSXFmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mCkOE5BnAs42POGAyW6MitTrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YG23K/bBcrK0Sx7fxwrxMYwWkv9dLqfckNS24XYsUW38Xcdk6y0N82/UdCjNBh5fF1cAseAzVY0N2nSRaRaVYvMUQ1ZNFclDVuHLZ13dMOayISywq/NBJGBb30h00bl9groR7DxHNthtHOev6mBy+mA==&cb=76952336
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.113.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-113-32.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:26 GMT
server: nginx/1.6.2

GET
H2 200 744480944374037_0-2050.m4v Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/ Frame 520E 34 KB
34 KB 43ms
42ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/744480944374037_0-2050.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 0e95ea5491ad84c79f99900d5fde104efeeabae87670a84985731bab4e632408

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:26 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 34619
x-fb-first-keyframe-offset: 4077
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 2
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-qd:0202

GET
H2 200 744480944374037_0-2050.m4a Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/ Frame 520E 17 KB
17 KB 226ms
225ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/744480944374037_0-2050.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 418f39d05165d41882ffeaf2ecc8e458c1d4760d6800e5b5820a0ca8b62fbe9e

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:26 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 17219
x-fb-first-keyframe-offset: 371
x-fb-origin-hit: 1
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 3
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-md:0213

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4B63 8 KB
1 KB 795ms
274ms XHR
text/xml 142.250.198.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVVBTRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1659710202912412&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2FgaOWLp&description_url=https%3A%2F%2Freurl.cc%2FgaOWLp&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=BBEBFAB5-3DD3-4CEB-99AC-B2A0F8AF695E&a3p=EhoKDWNyd2RjbnRybC5uZXQSABiQz86-xDFIABIbCgwzM2Fjcm9zcy5jb20YucnOvsQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLjJzr7EMUgAUgIIZBIXCghydGJob3VzZRj_zM6-xDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVjJ0UFNVUmFPREJTYTBOeFFWSmpReXR6T0hoM1p6MDlJbjA9GObQzr7EMUgA&nel=0&eid=44772139%2C44777649%2C44781409%2C44802172%2C44804291%2C44804613&top=https%3A%2F%2Freurl.cc%2FgaOWLp&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&dlt=1702012100015&idt=5910&dt=1702012106087&cookie=ID%3D3cc8a8d3e1983000%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MZp9kTVNpz2UmMZlWgR4PLqgcvDfQ&gpic=UID%3D00000ca706487cc8%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MbQ0TUOk0kK3GVG5XOmE9Eihjwc3A&scor=4174500733603607&ged=ve4_td6_er0.0.0.0_vi0.0.1200.1600_vp0_eb16488

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f2.1e100.net

Software

cafe /

Resource Hash

2ed789a5d3f376f9b8fb8964d665c3a2e84b923e39bcb8fc5932d9bbd8bba519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 930
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 744480944374037_0-2051.m4a Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/ Frame 520E 18 KB
18 KB 117ms
116ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/744480944374037_0-2051.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: d699116aed4876d388ecc45fa88a6cdef915499ffa2502ea8ec657cf145882e2

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:26 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 18088
x-fb-first-keyframe-offset: 412
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 2
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-md:2285

POST
H2 200 bz Show response
www.facebook.com/ajax/ Frame 520E 0
129 B 152ms
152ms XHR
text/html 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmKewgUng5KbwKBAodo6C2i5U4e1Fx-ewPG323616whoS2S2bwmo3vx60Vo8olwe21wKE4W15w8i0KEswIwuo667Uy1nzUmw5Cx62G3i0ha2l2Utw78waOfwbK0RE5a1qw8W5U4q0HUvw4Jwp8ow46wbS1Lwqo2Ywcq0mW&__hs=19699.BP%3Aplugin_video_pkg.2.0..0.0&__hsi=7310086324266958708&__req=4&__rev=1010293015&__s=%3A%3A6drdjk&__sp=1&__user=0&dpr=1&jazoest=21902&locale=en_US&lsd=zjV_U8mNeM2Z2sTZ8MmnVF

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/3_USCBHvE2b.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9073c6e16fd%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff15261ffc304fb%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1345243609461164&locale=en_US&sdk=joey&show_text=false&width=280
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryYKWpAihPNfsOZYzv

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Fri, 08 Dec 2023 05:08:26 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: KaZk818WYInWOO2r+5k7cgIUENqywgxo04zwqyjv0asETrit8Jed4K4ZP6RPXyZe2JiLTDw0Jurd16KJKuPTgQ==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
access-control-allow-methods: OPTIONS
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
vary: Origin
content-type: text/html; charset="utf-8"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 66E3 0
56 B 66ms
66ms Ping
image/gif 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5148522527707&version=m202309260101&ct=77&x=1&cor=4703141127577787000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0L5gppRlswe.png
static.xx.fbcdn.net/rsrc.php/v3/yh/r/ Frame 520E 404 B
622 B 17ms
16ms Image
image/png 31.13.82.7
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/r/0L5gppRlswe.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/F4j9B2xJ1Ib.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.7 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-nrt1.fbcdn.net

Software

Resource Hash

b22620fc4d630726cb3f47fac6ade45801e71c9d90dc6ab148e51dbcc910944e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: ja-JP
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y1/l/0,cross/F4j9B2xJ1Ib.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
date: Fri, 08 Dec 2023 05:08:26 GMT
x-content-type-options: nosniff
content-md5: bDizLuK+pYt04fjxlQ20xQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 404
reporting-endpoints
x-fb-debug: lI37fDBArD1cUUMQhIQUdGj+AOBonGqaVXidDfXlOlEzdvyiH86nlJhpOvGJq5O0DE0oU7qB+8yPYwYGl9nN3A==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 03 Dec 2024 18:33:24 GMT

GET
H2

200

usersync.php
stg.truvidplayer.com/ Frame 1A3E
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=truvid&khaos=LPW62AIL-T-C3RZ
https://stg.truvidplayer.com/usersync.php?provider_id=rubicon&user_id=LPW62AIL-T-C3RZ

0
462 B

181ms
181ms

Image
text/html

143.204.86.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stg.truvidplayer.com/usersync.php?provider_id=rubicon&user_id=LPW62AIL-T-C3RZ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 143.204.86.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-86-90.nrt12.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
content-encoding: gzip
via: 1.1 3326ced070f64c37ff4d732ed8d8fe38.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: NRT12-C2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-id: 4oewrmFvSHloPcuVUC_KOCMPY1C17zVkvv4iCZR-ndx0nMbthw_MDg==

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://stg.truvidplayer.com/usersync.php?provider_id=rubicon&user_id=LPW62AIL-T-C3RZ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: b9ec8d9f39d449b1296af0ad28765469
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A3E
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBXNjJBSUwtVC1DM1Ja
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEL9Pogu2TPhfLTwcO334Al4&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBXNjJBSUwtVC1DM1Ja&google_push=

170 B
188 B

59ms
58ms

Image
image/png

142.251.222.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBXNjJBSUwtVC1DM1Ja&google_push=

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

142.251.222.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBXNjJBSUwtVC1DM1Ja&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 391f9361f5b88a0e9c7eae9d872681c8
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1A3E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
https://s.amazon-adsystem.com/ecm3?id=LPW62AIL-T-C3RZ&ex=d-rubiconproject.com&status=ok

43 B
479 B

192ms
191ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LPW62AIL-T-C3RZ&ex=d-rubiconproject.com&status=ok

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: EE0M31E895FTTSVACH7P
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LPW62AIL-T-C3RZ&ex=d-rubiconproject.com&status=ok
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 948563be522c07ceb297f9b507489bca
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A3E
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTZlOTUyZDFiYzMxYmQ1MTVkNDdmODc5ODFjMjE0YzA2ZjhmNjJlNw

170 B
188 B

54ms
54ms

Image
image/png

142.251.222.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTZlOTUyZDFiYzMxYmQ1MTVkNDdmODc5ODFjMjE0YzA2ZjhmNjJlNw

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

142.251.222.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s72-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTZlOTUyZDFiYzMxYmQ1MTVkNDdmODc5ODFjMjE0YzA2ZjhmNjJlNw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: dbbc2dbf689859fb5870b364473d5441
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 1A3E
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=881cf4a2-e987-4e73-995b-5bb680f9b34d&gdpr=0&gdpr_consent=&expires=30

42 B
840 B

524ms
134ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=881cf4a2-e987-4e73-995b-5bb680f9b34d&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 948563be522c07ceb297f9b507489bca
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=881cf4a2-e987-4e73-995b-5bb680f9b34d&gdpr=0&gdpr_consent=&expires=30
date: Fri, 08 Dec 2023 05:08:26 GMT
server: Kestrel
content-length: 289

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1A3E
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=tjuLTbF_ScuNsOWzHR-gQQ&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=tjuLTbF_ScuNsOWzHR-gQQ

43 B
479 B

262ms
262ms

Image
image/gif

67.220.224.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=tjuLTbF_ScuNsOWzHR-gQQ

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

HTTP/1.1

Server

67.220.224.144 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:28 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 08C32AS7A1AD8Z4V9FCA
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=tjuLTbF_ScuNsOWzHR-gQQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 948563be522c07ceb297f9b507489bca
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 1A3E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEsNOYB6lMMz15tU9utnVF4&google_cver=1

42 B
840 B

513ms
127ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEsNOYB6lMMz15tU9utnVF4&google_cver=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 948563be522c07ceb297f9b507489bca
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEsNOYB6lMMz15tU9utnVF4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 1A3E
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Ivk185hqTRmqRqn9kV68cw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Ivk185hqTRmqRqn9kV68cw

43 B
479 B

192ms
192ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Ivk185hqTRmqRqn9kV68cw

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 5H44M5H188232GJJVXR9
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Ivk185hqTRmqRqn9kV68cw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 948563be522c07ceb297f9b507489bca
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 1A3E
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/Pp2KNSupvAwReZQnHWdNgQ?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-EoNzGYdE2oKTQsFrKXPJIh9i47gYtMYScdbYeg--~A

42 B
840 B

135ms
135ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-EoNzGYdE2oKTQsFrKXPJIh9i47gYtMYScdbYeg--~A
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 948563be522c07ceb297f9b507489bca
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 08 Dec 2023 05:08:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-EoNzGYdE2oKTQsFrKXPJIh9i47gYtMYScdbYeg--~A
content-length: 0

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 1A3E
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPW62AIL-T-C3RZ

0
515 B

538ms
197ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPW62AIL-T-C3RZ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: B3BF2EBC7CC74F36B37B1B7886C3C130 Ref B: TYO01EDGE2006 Ref C: 2023-12-08T05:08:27Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYL+JMWz8PHejMxqlGbEg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPW62AIL-T-C3RZ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: dbbc2dbf689859fb5870b364473d5441
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 1A3E
Redirect Chain

https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAD48E7K5UoAADtJEYbW3w&expires=30

42 B
840 B

501ms
124ms

Image
image/gif

8.39.36.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAD48E7K5UoAADtJEYbW3w&expires=30
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Server: 8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 391f9361f5b88a0e9c7eae9d872681c8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AAD48E7K5UoAADtJEYbW3w&expires=30
Date: Fri, 08 Dec 2023 05:08:26 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H2

200

setuid
ib.adnxs.com/prebid/ Frame 1A3E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPW62AIL-T-C3RZ

43 B
942 B

371ms
175ms

Image
image/gif

103.43.90.19
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPW62AIL-T-C3RZ

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

103.43.90.19 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:27 GMT
an-x-request-uuid: 447ef665-3d8b-42e7-ab53-eecd91279391
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 114.172.236.131; 114.172.236.131; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPW62AIL-T-C3RZ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 391f9361f5b88a0e9c7eae9d872681c8
Expires: 0

GET
H2

200

v1
match.sharethrough.com/sync/ Frame 1A3E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=18694
https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPW62AIL-T-C3RZ

68 B
280 B

334ms
157ms

Image
image/png

52.77.135.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPW62AIL-T-C3RZ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 52.77.135.86 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-135-86.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://match.sharethrough.com/sync/v1?source_id=UiRtTsXAfjmfSDAKnR1FjWsu&source_user_id=LPW62AIL-T-C3RZ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 948563be522c07ceb297f9b507489bca
Expires: 0

GET
H/1.1

200
OK

merge
ce.lijit.com/ Frame 1A3E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
https://ce.lijit.com/merge?pid=80&3pid=LPW62AIL-T-C3RZ
https://ce.lijit.com/merge?pid=80&3pid=LPW62AIL-T-C3RZ&dnr=1

43 B
663 B

164ms
163ms

Image
image/gif

69.175.41.79
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=LPW62AIL-T-C3RZ&dnr=1
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: HTTP/1.1
Server: 69.175.41.79 Park Ridge, United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS: sovrn-193627-chi03-placeholder
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:28 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Content-Type: image/gif
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ord1
Content-Length: 43
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:28 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=80&3pid=LPW62AIL-T-C3RZ&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ord1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

204

magnite
prebid.a-mo.net/setuid/ Frame 1A3E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx
https://prebid.a-mo.net/setuid/magnite?uid=LPW62AIL-T-C3RZ

0
451 B

433ms
231ms

Image
text/plain

131.153.206.101
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid.a-mo.net/setuid/magnite?uid=LPW62AIL-T-C3RZ
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 131.153.206.101 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 2
server: envoy
vary: Accept-Encoding

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://prebid.a-mo.net/setuid/magnite?uid=LPW62AIL-T-C3RZ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 948563be522c07ceb297f9b507489bca
Expires: 0

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/ Frame 1A3E
Redirect Chain

https://token.rubiconproject.com/token?pid=37556&a=1
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPW62AIL-T-C3RZ
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LPW62AIL-T-C3RZ

95 B
427 B

67ms
66ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LPW62AIL-T-C3RZ

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Fri, 08 Dec 2023 05:08:27 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LPW62AIL-T-C3RZ
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 1A3E
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=primis
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPW62AIL-T-C3RZ
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPW62AIL-T-C3RZ
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPW62AIL-T-C3RZ&ckls=true&ci=JrifHAEmkJ&nc=false&trid=1148802592

43 B
1 KB

195ms
188ms

Image
image/gif

18.65.185.99
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPW62AIL-T-C3RZ&ckls=true&ci=JrifHAEmkJ&nc=false&trid=1148802592
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Server: 18.65.185.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-185-99.nrt57.r.cloudfront.net
Software: /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: ja-JP
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:28 GMT
via: 1.1 06dea94a9acccc89bf073f5b6e5408ea.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT57-P2
x-cache: Miss from cloudfront
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: w8Mgx5HqxTxm2Z_wDSbnvAQQ7o3xcsX0XjczXMVrU1-SHSIDbKYMIQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:28 GMT
via: 1.1 06dea94a9acccc89bf073f5b6e5408ea.cloudfront.net (CloudFront)
x-amz-cf-pop: NRT57-P2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location: https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPW62AIL-T-C3RZ&ckls=true&ci=JrifHAEmkJ&nc=false&trid=1148802592
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
patent: https://www.almondnet.com/ip
alt-svc: h3=":443"; ma=86400
content-length: 43
x-amz-cf-id: 128oqpwe1IDZuA-0vDaTKtWp-0qV3xNclJqkKzgM9UB2KVeUP9_Y5g==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4B63 156 B
236 B 217ms
215ms XHR
text/xml 142.250.198.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2FVideo1%2FVVVBTRVD_reurl.cc&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&url=https%3A%2F%2Freurl.cc%2FgaOWLp&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Freurl.cc%2FgaOWLp&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.62%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&bumper=before&max_ad_duration=30000&min_ad_duration=0&sid=BBEBFAB5-3DD3-4CEB-99AC-B2A0F8AF695E&ad_type=video&adk=2925625687&correlator=1659710202912412&ctv=0&dlt=1702012100015&dt=1702012106925&ged=ve4_td7_tt0_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491&idt=5910&is_amp=0&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&npa=false&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=4174500733603607&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Freurl.cc%2FgaOWLp&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44802172%2C44804291%2C44804613&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=104502601&deg_qid=CMm9lJiJ_4IDFU6I6QUdpxwI6w&degraded=true&kfa=0&tfcd=0&a3p=EhoKDWNyd2RjbnRybC5uZXQSABiQz86-xDFIABIbCgwzM2Fjcm9zcy5jb20YucnOvsQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLjJzr7EMUgAUgIIZBIXCghydGJob3VzZRj_zM6-xDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVjJ0UFNVUmFPREJTYTBOeFFWSmpReXR6T0hoM1p6MDlJbjA9GObQzr7EMUgA&cookie=ID%3D3cc8a8d3e1983000%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MZp9kTVNpz2UmMZlWgR4PLqgcvDfQ&gpic=UID%3D00000ca706487cc8%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MbQ0TUOk0kK3GVG5XOmE9Eihjwc3A

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 744480944374037.mpd Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/dash-abr3/ Frame 520E 11 KB
2 KB 15ms
15ms Fetch
application/dash+xml 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/dash-abr3/744480944374037.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfBsLASjkgsE8ecOXVZGZpvW3KBt8WzfJN_buqU7B2-NUA&oe=6574533C
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: d29329513ba84a542d20f010d69ba5faef25c745d711d2a157d9ace3b62d01a8

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:26 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1702012104
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
x-fb-latest-segment-ts: 4129718
alt-svc: h3=":443"; ma=86400
content-length: 1563
x-fb-origin-hit: 1
etag: 0d0e3a19f96a0d1f6060307ff91a1690
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
accept-ranges: bytes
timing-allow-origin: *

POST
H2 204 csi
csi.gstatic.com/ Frame 4B63 0
234 B 435ms
56ms Ping
image/gif 142.250.196.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpw629x0&c=2649831497634&slotId=1324915748817&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s36-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4B63 156 B
206 B 568ms
567ms XHR
text/xml 142.250.198.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2FVideo1%2FVVVBTRVD_reurl.cc&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&url=https%3A%2F%2Freurl.cc%2FgaOWLp&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Freurl.cc%2FgaOWLp&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.62%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&pmnd=0&pmxd=180000&max_ad_duration=120000&sid=BBEBFAB5-3DD3-4CEB-99AC-B2A0F8AF695E&ad_type=video&adk=2925625687&correlator=1659710202912412&ctv=0&dlt=1702012100015&dt=1702012107155&ged=ve4_td7_tt0_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&idt=5910&is_amp=0&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&npa=false&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=4174500733603607&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Freurl.cc%2FgaOWLp&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44802172%2C44804291%2C44804613&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=104502601&deg_qid=CMm9lJiJ_4IDFU6I6QUdpxwI6w&degraded=true&kfa=0&tfcd=0&a3p=EhoKDWNyd2RjbnRybC5uZXQSABiQz86-xDFIABIbCgwzM2Fjcm9zcy5jb20YucnOvsQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLjJzr7EMUgAUgIIZBIXCghydGJob3VzZRj_zM6-xDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVjJ0UFNVUmFPREJTYTBOeFFWSmpReXR6T0hoM1p6MDlJbjA9GObQzr7EMUgA&cookie=ID%3D3cc8a8d3e1983000%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MZp9kTVNpz2UmMZlWgR4PLqgcvDfQ&gpic=UID%3D00000ca706487cc8%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MbQ0TUOk0kK3GVG5XOmE9Eihjwc3A

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 744480944374037_0-2051.m4v Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/ Frame 520E 40 KB
40 KB 18ms
18ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/744480944374037_0-2051.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 66fc160178980987eb06df6c7572ebe2f45ae53924d9d6c040fef6265f08361c

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 40521
x-fb-first-keyframe-offset: 4137
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 2
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-qd:2284

GET
H2 200 744480944374037_0-2052.m4v Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/ Frame 520E 43 KB
43 KB 16ms
16ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/744480944374037_0-2052.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: ae1aeb3602794e3ef049ae89198a70c72fc889ae12c875016a468f4c15a0fd2a

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 43950
x-fb-first-keyframe-offset: 4217
x-fb-origin-hit: 1
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 1
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-qd:4306

GET
H2 200 744480944374037_0-2053.m4v Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/ Frame 520E 32 KB
32 KB 19ms
18ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/744480944374037_0-2053.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 02eae3de8ab25d50a8c9873ff156e29dafdc4bdf380ee5e81c77719b05fa8c2c

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 32704
x-fb-first-keyframe-offset: 4668
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 4
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-qd:6381

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 55ms
54ms Ping
text/plain 216.239.32.181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-N394QBRGC0&gtm=45je3bt0v897965293&_p=1702012100404&gcd=11l1l1l1l1&dma=0&cid=818198690.1702012101&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1702012101&sct=1&seg=0&dl=https%3A%2F%2Freurl.cc%2FgaOWLp&dt=%E7%B8%AE%E7%9F%AD%E7%B6%B2%E5%9D%80%E7%94%A2%E7%94%9F%E5%99%A8%20-%20reurl&_s=2&tfd=7544
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N394QBRGC0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://reurl.cc/gaOWLp
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://reurl.cc
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 744480944374037_0-2054.m4v Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/ Frame 520E 36 KB
36 KB 20ms
19ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/744480944374037_0-2054.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: ed476fb144e80d913475ec3dacf539d55ae0ac66ccb2d5a794097026a523ab6b

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 36367
x-fb-first-keyframe-offset: 4209
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 3
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-qd:8479

GET
H2 200 744480944374037_0-2055.m4v Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/ Frame 520E 37 KB
37 KB 21ms
21ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/744480944374037_0-2055.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: b822ca04c68390804e1bcf3aa32825eb90d4b17a3200b4103bbdaac08fc86b0f

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 37597
x-fb-first-keyframe-offset: 3939
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 3
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-qd:0842

GET
H2 200 744480944374037_0-2056.m4v Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/ Frame 520E 29 KB
29 KB 18ms
17ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/744480944374037_0-2056.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: f058f6ec7d9979a1982c57685ff6d0bb327c1ca9db01a749eefe9e59eebc699e

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 29729
x-fb-first-keyframe-offset: 4800
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 3
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-qd:2939

GET
H2 200 744480944374037_0-2057.m4v Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/ Frame 520E 37 KB
37 KB 22ms
21ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/744480944374037_0-2057.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: dd1b6b445960f258ba30d67d5e7b8572aa0e4911113bde10ef71b21477cfa4ff

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 37742
x-fb-first-keyframe-offset: 4202
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 4
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-qd:4982

GET
H2 200 744480944374037_0-2058.m4v Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/ Frame 520E 28 KB
28 KB 22ms
21ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/744480944374037_0-2058.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 9bcf8ee7e12dd5a42b927fa0c41c84dc32744c2f99f46a5028ae2067a2581104

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
x-fb-dynamic-latest-segment-id: 2057
x-fb-dynamic-predictive-response-chunk-size: 16675
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
x-fb-first-keyframe-offset: 4584
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 4
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-qd:7431

GET
H2

200

activity;src=1295336;type=cs;cat=Viewa0;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;ord=1
adservice.google.com/ddm/fls/z/dc_pre=CMiLzZiJ_4IDFZptDwIdfmMEQw;src=1295336;type=cs;cat=Viewa0;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;ord=1%7Chttps://ad.doubleclick.net/ Frame CA2A
Redirect Chain

https://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;ord=1%7Chttps://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115741;u15=...
https://ad.doubleclick.net/activity;dc_pre=CMiLzZiJ_4IDFZptDwIdfmMEQw;src=1295336;type=cs;cat=Viewa0;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;ord=1%7Chttps://ad.doubleclick.net/activity;src=1295336;...
https://adservice.google.com/ddm/fls/z/dc_pre=CMiLzZiJ_4IDFZptDwIdfmMEQw;src=1295336;type=cs;cat=Viewa0;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;ord=1%7Chttps://ad.doubleclick.net/activity;src=12953...

42 B
107 B

470ms
82ms

Image
image/gif

142.250.206.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMiLzZiJ_4IDFZptDwIdfmMEQw;src=1295336;type=cs;cat=Viewa0;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;ord=1%7Chttps://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;ord=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

142.250.206.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s10-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/dc_pre=CMiLzZiJ_4IDFZptDwIdfmMEQw;src=1295336;type=cs;cat=Viewa0;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;ord=1%7Chttps://ad.doubleclick.net/activity;src=1295336;type=cs;cat=Viewa0;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_...
adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CIKOzZiJ_4IDFeFbDwIduuAGbg;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_2... Frame CA2A
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_3...
https://ad.doubleclick.net/ddm/activity/src=1295336;dc_pre=CIKOzZiJ_4IDFeFbDwIduuAGbg;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5...
https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CIKOzZiJ_4IDFeFbDwIduuAGbg;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5B...

42 B
401 B

426ms
82ms

Image
image/gif

142.250.206.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CIKOzZiJ_4IDFeFbDwIduuAGbg;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1%7Chttps://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1

Requested by

Host: reurl.cc
URL: https://reurl.cc/gaOWLp

Protocol

Server

142.250.206.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

kix06s10-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adservice.google.com/ddm/fls/z/src=1295336;dc_pre=CIKOzZiJ_4IDFeFbDwIduuAGbg;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1%7Chttps://ad.doubleclick.net/ddm/activity/src=1295336;type=custom;cat=viewa2;u1=%5BTOTALPAGETIME%5D;u2=%5BBUCKET_0%5D;u3=%5BBUCKET_1_9%5D;u4=%5BBUCKET_10_19%5D;u5=%5BBUCKET_20_29%5D;u6=%5BBUCKET_30_39%5D;u7=%5BBUCKET_40_49%5D;u8=%5BBUCKET_50_59%5D;u9=%5BBUCKET_60_69%5D;u10=%5BBUCKET_70_79%5D;u11=%5BBUCKET_80_89%5D;u12=%5BBUCKET_90_99%5D;u13=%5BBUCKET_100%5D;u14=115741;u15=18330;u16=%5BDVP_ADID%5D;u17=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 744480944374037_0-2052.m4a Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/ Frame 520E 17 KB
18 KB 19ms
19ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/744480944374037_0-2052.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 10570da7da236644fe548a5cb6c8502fb620c2ae8128d56886ff9188b5408a23

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 17876
x-fb-first-keyframe-offset: 333
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 3
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-md:4314

GET
H2 200 744480944374037_0-2053.m4a Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/ Frame 520E 17 KB
18 KB 20ms
20ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/744480944374037_0-2053.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: ade8f79b49e76a6b813ce37ff78a2689d12d0b14ccbd4f07a204bde958a75965

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 17840
x-fb-first-keyframe-offset: 315
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 4
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-md:6404

GET
H2 200 744480944374037_0-2054.m4a Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/ Frame 520E 17 KB
17 KB 31ms
30ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/744480944374037_0-2054.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: f7bb9338bf9aa5fbf4675e307003f8dccae4fd8157bcd05f2c285070848ce87b

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 17761
x-fb-first-keyframe-offset: 340
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 3
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-md:8495

GET
H2 200 744480944374037_0-2055.m4a Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/ Frame 520E 17 KB
17 KB 19ms
19ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/744480944374037_0-2055.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 4d470af70d38f0b84e8f60bd7788961ed4a3ede26b428ad3bfe85e9331cf82b2

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 17440
x-fb-first-keyframe-offset: 358
x-fb-origin-hit: 1
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 2
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-md:0865

GET
H2 200 744480944374037_0-2056.m4a Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/ Frame 520E 17 KB
17 KB 19ms
19ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/744480944374037_0-2056.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: e6074f2bcbf3414cee5eb2b17ee72ffd0764f748c6b4379e7c646023a29648ce

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 17151
x-fb-first-keyframe-offset: 336
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 3
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-md:2925

GET
H2 200 744480944374037_0-2057.m4a Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/ Frame 520E 17 KB
17 KB 25ms
24ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/744480944374037_0-2057.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 3074be46bdfe75cf2e0f6c00cd5bea567fb34f2a49ad0b41a2f79c5c353859e7

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
content-length: 17815
x-fb-first-keyframe-offset: 319
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 4
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-md:4979

GET
H2 200 744480944374037_0-2058.m4a Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/ Frame 520E 17 KB
18 KB 18ms
17ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/744480944374037_0-2058.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 54667157ea4d0ac16ada6434ed26525f856e992220c264a8c733f397e86a9d0a

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
x-fb-dynamic-latest-segment-id: 2057
x-fb-dynamic-predictive-response-chunk-size: 8442
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
x-fb-first-keyframe-offset: 352
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 2
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-md:7718

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4B63 156 B
185 B 216ms
216ms XHR
text/xml 142.250.198.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2FVideo1%2FVVVBTRVD_reurl.cc&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&url=https%3A%2F%2Freurl.cc%2FgaOWLp&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Freurl.cc%2FgaOWLp&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.62%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&bumper=after&max_ad_duration=30000&min_ad_duration=0&sid=BBEBFAB5-3DD3-4CEB-99AC-B2A0F8AF695E&ad_type=video&adk=2925625687&correlator=1659710202912412&ctv=0&dlt=1702012100015&dt=1702012107734&ged=ve4_td8_tt1_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491&idt=5910&is_amp=0&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&npa=false&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=4174500733603607&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Freurl.cc%2FgaOWLp&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44802172%2C44804291%2C44804613&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=104502601&deg_qid=CMm9lJiJ_4IDFU6I6QUdpxwI6w&degraded=true&kfa=0&tfcd=0&a3p=EhoKDWNyd2RjbnRybC5uZXQSABiQz86-xDFIABIbCgwzM2Fjcm9zcy5jb20YucnOvsQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLjJzr7EMUgAUgIIZBIXCghydGJob3VzZRj_zM6-xDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVjJ0UFNVUmFPREJTYTBOeFFWSmpReXR6T0hoM1p6MDlJbjA9GObQzr7EMUgA&cookie=ID%3D3cc8a8d3e1983000%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MZp9kTVNpz2UmMZlWgR4PLqgcvDfQ&gpic=UID%3D00000ca706487cc8%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MbQ0TUOk0kK3GVG5XOmE9Eihjwc3A

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 744480944374037_0-2059.m4v Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/ Frame 520E 28 KB
29 KB 1254ms
1254ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/744480944374037_0-2059.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 9757be3949a3f3362e256222bfd6c7982587e4284065650121f74a5c89241fb8

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:29 GMT
x-fb-dynamic-latest-segment-id: 2058
x-fb-dynamic-predictive-response-chunk-size: 15291
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
x-fb-first-keyframe-offset: 4425
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 1238
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-qd:9157

GET
H2 200 744480944374037_0-2059.m4a Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/ Frame 520E 17 KB
17 KB 1255ms
1255ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/744480944374037_0-2059.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 35cdc36c88648abe9c3a11d67c2e7c283aa2589e8e0a21dae1658551084a03c7

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:29 GMT
x-fb-dynamic-latest-segment-id: 2058
x-fb-dynamic-predictive-response-chunk-size: 8493
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
x-fb-first-keyframe-offset: 334
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-md
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 1240
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-md:9200

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 187ms
186ms Image
text/plain 3.234.113.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=mPut764fUMpXLz68l07m6fVoRPMoVHtUz0Kl3qdxahSgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HL/umX/Gj+X3gT/9Zx0Wb7snSsiXFI2SEafz+jxZGwyeY3FvW+bT4cNhvI/9VSXFmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mnF/4EfUv+ObssSILJImrMDrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Ymlz2jTlR2xCNKBKR4Ih2fnIX1dszhM1tc8eywCrkwIlW5/VzPv1TkVwfTNtXjp3TfTByheM6l0l7UC8W+mjYUY2b1+taGRagB+h5LVDbTFXDjaEHqgU/3PmbtW8J6EFNT4wjgV+4EvebhDVp5y97wA==&cb=91122526
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.113.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-113-32.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:28 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 187ms
186ms Image
text/plain 3.234.113.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=mPut764fUMpXLz68l07m6fVoRPMoVHtUz0Kl3qdxahSsXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HL/umX/Gj+X3gT/9Zx0Wb7snSsiXFI2SEafz+jxZGwyeY3FvW+bT4cNhvI/9VSXFmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mnF/4EfUv+ObssSILJImrMDrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Ymlz2jTlR2xCNKBKR4Ih2fnIX1dszhM1tc8eywCrkwIneTdU870wTStyvdid4LALCwM2ZCua1Zl8BebX7mVYKVY2b1+taGRagB+h5LVDbTFXDjaEHqgU/3PmbtW8J6EFNT4wjgV+4EvebhDVp5y97wA==&cb=56422517
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.113.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-113-32.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:28 GMT
server: nginx/1.6.2

GET
H2 200 744480944374037.mpd Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/dash-abr3/ Frame 520E 11 KB
2 KB 16ms
16ms Fetch
application/dash+xml 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/dash-abr3/744480944374037.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfBsLASjkgsE8ecOXVZGZpvW3KBt8WzfJN_buqU7B2-NUA&oe=6574533C
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 8bbb9b2d789b181da8575b96d764b616227826d6635a930a5b8882af586b6dfe

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:27 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1702012106
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
x-fb-latest-segment-ts: 4131758
alt-svc: h3=":443"; ma=86400
content-length: 1557
x-fb-origin-hit: 1
etag: bd88d8cf888affd7d902240faef84851
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4B63 156 B
186 B 243ms
243ms XHR
text/xml 142.250.198.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVEGATRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1659710202912412&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2FgaOWLp&description_url=https%3A%2F%2Freurl.cc%2FgaOWLp&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=BBEBFAB5-3DD3-4CEB-99AC-B2A0F8AF695E&a3p=EhoKDWNyd2RjbnRybC5uZXQSABiQz86-xDFIABIbCgwzM2Fjcm9zcy5jb20YucnOvsQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLjJzr7EMUgAUgIIZBIXCghydGJob3VzZRj_zM6-xDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVjJ0UFNVUmFPREJTYTBOeFFWSmpReXR6T0hoM1p6MDlJbjA9GObQzr7EMUgA&nel=0&eid=44772139%2C44777649%2C44781409%2C44802172%2C44804291%2C44804613&top=https%3A%2F%2Freurl.cc%2FgaOWLp&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&dlt=1702012100015&idt=5910&dt=1702012107971&cookie=ID%3D3cc8a8d3e1983000%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MZp9kTVNpz2UmMZlWgR4PLqgcvDfQ&gpic=UID%3D00000ca706487cc8%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MbQ0TUOk0kK3GVG5XOmE9Eihjwc3A&scor=4174500733603607&ged=ve4_td8_tt1_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-ae1.doubleverify.com/ Frame E8CF 0
345 B 125ms
88ms Ping
text/plain 34.149.43.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ae1.doubleverify.com/event.png?impid=c1231791f87143f2bb86b028bc322fa7&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_asmm=1&vdur=237&eoid=22&te_exec=0&msrjs=5084&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=91&tetms=8&msltms=20&vltms=237&sei=289&vetms=6&tuviims=192&tuviems=435&engms=1&engisel=1&ee_dp_ddtes=2&dvp_dtcov=4&sim=3&msrcanlm=392&msrcannum=3&ee_dp_tmads=2350&ismms=2015&isumms=2014&nvr=6&isgmmims=2015&isgmv4mims=2015&elmtp=6&isbxdms=3014&b0=100&b11=1009&adhgt=250&adwdth=300&norwdth=300&norhgt=250&dvp_vsosnmr=16&lftb=1109&sftb=1109&msrdp=3&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isgmpims=2120&engalms=2013&dvp_dpr=1&vstsz=738&ee_dp_cvcmeeid=1&metp=1&meeid=1&ispmxpms=3014&isiabvms=3014&isuiabvms=3014&isgmv4dpims=3014&vsos=4&ttfurm=3247
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5084.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:28 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2023-12-07T05:08:28

POST
H/1.1 204
No Content event.png
tpsc-ae1.doubleverify.com/ Frame E783 0
345 B 121ms
87ms Ping
text/plain 34.149.43.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ae1.doubleverify.com/event.png?impid=9569e7ceefcc4039b003f5e334818a3c&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_asmm=1&vdur=372&eoid=17&te_exec=0&msrjs=5084&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=15&tetms=7&msltms=23&vltms=372&sei=289&vetms=10&tuviims=99&tuviems=481&engms=1&engisel=1&ee_dp_ddtes=2&dvp_dtcov=4&sim=3&msrcanlm=392&msrcannum=3&ee_dp_tmads=2504&ismms=1043&isumms=1042&nvr=6&isgmmims=1043&isgmv4mims=1043&elmtp=6&isbxdms=2442&b0=100&b11=1424&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=1524&sftb=1524&msrdp=3&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=2044&isuiabvms=2044&isgmpims=1142&isgmv4dpims=2044&ispmxpms=2044&engalms=1041&dvp_dpr=1&vstsz=737&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3400
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5084.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:28 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2023-12-07T05:08:28

POST
H2 204 csi
csi.gstatic.com/ Frame 4B63 0
54 B 54ms
53ms Ping
image/gif 142.250.196.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpw62avl&c=2649831497634&slotId=1324915748817&ghmsh_eids=44772139%2C44777649%2C44781409%2C44802172%2C44804291%2C44804613
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.196.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s36-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 186ms
186ms Image
text/plain 3.234.113.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=mPut764fUMpXLz68l07m6fVoRPMoVHtUz0Kl3qdxahSgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HL/umX/Gj+X3gT/9Zx0Wb7snSsiXFI2SEafz+jxZGwyeY3FvW+bT4cNhvI/9VSXFmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mp4tvMa4BrXLT4wqO1yzRYTrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Yl3RHw6AIohwjsKG2UnLj027w+gRSTDk1BIN+GsF0ooRL6/6bjzykFx1cfoywZSzAWo5MjD/Bz+AwOLWI+OomroBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=44216146
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.113.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-113-32.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:28 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 186ms
186ms Image
text/plain 3.234.113.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=mPut764fUMpXLz68l07m6fVoRPMoVHtUz0Kl3qdxahSsXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HL/umX/Gj+X3gT/9Zx0Wb7snSsiXFI2SEafz+jxZGwyeY3FvW+bT4cNhvI/9VSXFmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mp4tvMa4BrXLT4wqO1yzRYTrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Yl3RHw6AIohwjsKG2UnLj027w+gRSTDk1BIN+GsF0ooRogipnm5WLZ+KL3+1jLiFz2wrLExwEDBX/VU/6b2ZUPoBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=54600484
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.113.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-113-32.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:28 GMT
server: nginx/1.6.2

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4B63 8 KB
975 B 89ms
89ms XHR
text/xml 142.250.198.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVEATRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1659710202912412&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2FgaOWLp&description_url=https%3A%2F%2Freurl.cc%2FgaOWLp&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=BBEBFAB5-3DD3-4CEB-99AC-B2A0F8AF695E&a3p=EhoKDWNyd2RjbnRybC5uZXQSABiQz86-xDFIABIbCgwzM2Fjcm9zcy5jb20YucnOvsQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLjJzr7EMUgAUgIIZBIXCghydGJob3VzZRj_zM6-xDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVjJ0UFNVUmFPREJTYTBOeFFWSmpReXR6T0hoM1p6MDlJbjA9GObQzr7EMUgA&nel=0&eid=44772139%2C44777649%2C44781409%2C44802172%2C44804291%2C44804613&top=https%3A%2F%2Freurl.cc%2FgaOWLp&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&dlt=1702012100015&idt=5910&dt=1702012108222&cookie=ID%3D3cc8a8d3e1983000%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MZp9kTVNpz2UmMZlWgR4PLqgcvDfQ&gpic=UID%3D00000ca706487cc8%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MbQ0TUOk0kK3GVG5XOmE9Eihjwc3A&scor=4174500733603607&ged=ve4_td8_tt1_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f2.1e100.net

Software

cafe /

Resource Hash

3138b8a1a3f91df9c340ac6811dcd05802d5c750fcde85b82bdf51e1175ba9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 902
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4B63 156 B
185 B 273ms
272ms XHR
text/xml 142.250.198.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2FVideo1%2FVVEATRVD_reurl.cc&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&url=https%3A%2F%2Freurl.cc%2FgaOWLp&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Freurl.cc%2FgaOWLp&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.62%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&bumper=before&max_ad_duration=30000&min_ad_duration=0&sid=BBEBFAB5-3DD3-4CEB-99AC-B2A0F8AF695E&ad_type=video&adk=2925625687&correlator=1659710202912412&ctv=0&dlt=1702012100015&dt=1702012108316&ged=ve4_td8_tt1_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&idt=5910&is_amp=0&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&npa=false&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=4174500733603607&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Freurl.cc%2FgaOWLp&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44802172%2C44804291%2C44804613&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=104502601&kfa=0&tfcd=0&a3p=EhoKDWNyd2RjbnRybC5uZXQSABiQz86-xDFIABIbCgwzM2Fjcm9zcy5jb20YucnOvsQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLjJzr7EMUgAUgIIZBIXCghydGJob3VzZRj_zM6-xDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVjJ0UFNVUmFPREJTYTBOeFFWSmpReXR6T0hoM1p6MDlJbjA9GObQzr7EMUgA&cookie=ID%3D3cc8a8d3e1983000%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MZp9kTVNpz2UmMZlWgR4PLqgcvDfQ&gpic=UID%3D00000ca706487cc8%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MbQ0TUOk0kK3GVG5XOmE9Eihjwc3A

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content visit.jpg
tps.doubleverify.com/ Frame 2412 0
162 B 217ms
99ms Image
text/plain 34.149.43.113
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps.doubleverify.com/visit.jpg?gdpr=&gdpr_consent=&ctx=818052&cmp=1619415&jsver=5084&tgjsver=5084&napr=VisitResponseError__&cerrt=2048&dvp_isLostImp=1&tstype=128&flvr=0&dvp_tukv=553133064750.7052&ee_dp_ctx=1828362&ee_dp_cmp=115741&ee_dp_sid=18330&ee_dp_plc=4158900&dvp_vurll=1350&dvp_protocol=https:
Requested by: Host: 2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
URL: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:28 GMT
Cache-Control: max-age=0
Connection: keep-alive
Expires: 12/07/2023 05:08:28

POST
H/1.1 204
No Content event.png
tpsc-ae1.doubleverify.com/ Frame CA2A 0
345 B 87ms
87ms Ping
text/plain 34.149.43.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-ae1.doubleverify.com/event.png?impid=77927950e0284642af4c4b569be89394&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&pltm=1&ee_dp_btreg=4158900&ee_dp_btros_64=0&ee_dp_asmm=1&vdur=126&eoid=17&te_exec=0&msrjs=5084&sdf=67108868&vit=2&isvelg=1&rmi=16&tltms=91&tetms=8&msltms=281&vltms=126&sei=290&vetms=8&tuviims=341&tuviems=475&engms=1&engisel=1&ee_dp_ddtes=2&dvp_dtcov=4&sim=3&msrcanlm=456&msrcannum=4&ee_dp_tmads=2239&ismms=14&isumms=13&nvr=6&isgmmims=14&isgmv4mims=14&elmtp=6&isbxdms=2213&b0=100&b11=2259&adhgt=250&adwdth=300&norwdth=300&norhgt=250&vsos=4&dvp_vsosnmr=16&lftb=2359&sftb=2359&msrdp=1&naral=192&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1013&isuiabvms=1013&isgmpims=123&isgmv4dpims=1013&ispmxpms=1013&engalms=12&dvp_dpr=1&vstsz=1262&ee_dp_cvcmeeid=1&metp=1&meeid=1&ttfurm=3138
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements5084.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.43.113 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 113.43.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
Pragma: no-cache
Date: Fri, 08 Dec 2023 05:08:28 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true, true
Connection: keep-alive
Expires: 2023-12-07T05:08:28

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4B63 156 B
186 B 262ms
261ms XHR
text/xml 142.250.198.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2FVideo1%2FVVEATRVD_reurl.cc&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&url=https%3A%2F%2Freurl.cc%2FgaOWLp&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Freurl.cc%2FgaOWLp&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.62%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&pmnd=0&pmxd=180000&max_ad_duration=120000&sid=BBEBFAB5-3DD3-4CEB-99AC-B2A0F8AF695E&ad_type=video&adk=2925625687&correlator=1659710202912412&ctv=0&dlt=1702012100015&dt=1702012108599&ged=ve4_td9_tt2_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491&idt=5910&is_amp=0&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&npa=false&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=4174500733603607&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Freurl.cc%2FgaOWLp&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44802172%2C44804291%2C44804613&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=104502601&kfa=0&tfcd=0&a3p=EhoKDWNyd2RjbnRybC5uZXQSABiQz86-xDFIABIbCgwzM2Fjcm9zcy5jb20YucnOvsQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLjJzr7EMUgAUgIIZBIXCghydGJob3VzZRj_zM6-xDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVjJ0UFNVUmFPREJTYTBOeFFWSmpReXR6T0hoM1p6MDlJbjA9GObQzr7EMUgA&cookie=ID%3D3cc8a8d3e1983000%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MZp9kTVNpz2UmMZlWgR4PLqgcvDfQ&gpic=UID%3D00000ca706487cc8%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MbQ0TUOk0kK3GVG5XOmE9Eihjwc3A

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4B63 156 B
185 B 278ms
278ms XHR
text/xml 142.250.198.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2FVideo1%2FVVEATRVD_reurl.cc&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&url=https%3A%2F%2Freurl.cc%2FgaOWLp&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Freurl.cc%2FgaOWLp&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.62%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&bumper=after&max_ad_duration=30000&min_ad_duration=0&sid=BBEBFAB5-3DD3-4CEB-99AC-B2A0F8AF695E&ad_type=video&adk=2925625687&correlator=1659710202912412&ctv=0&dlt=1702012100015&dt=1702012108864&ged=ve4_td9_tt2_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&idt=5910&is_amp=0&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&npa=false&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=4174500733603607&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Freurl.cc%2FgaOWLp&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44802172%2C44804291%2C44804613&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=104502601&kfa=0&tfcd=0&a3p=EhoKDWNyd2RjbnRybC5uZXQSABiQz86-xDFIABIbCgwzM2Fjcm9zcy5jb20YucnOvsQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLjJzr7EMUgAUgIIZBIXCghydGJob3VzZRj_zM6-xDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVjJ0UFNVUmFPREJTYTBOeFFWSmpReXR6T0hoM1p6MDlJbjA9GObQzr7EMUgA&cookie=ID%3D3cc8a8d3e1983000%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MZp9kTVNpz2UmMZlWgR4PLqgcvDfQ&gpic=UID%3D00000ca706487cc8%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MbQ0TUOk0kK3GVG5XOmE9Eihjwc3A

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 744480944374037.mpd Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/dash-abr3/ Frame 520E 11 KB
2 KB 160ms
159ms Fetch
application/dash+xml 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/dash-abr3/744480944374037.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfBsLASjkgsE8ecOXVZGZpvW3KBt8WzfJN_buqU7B2-NUA&oe=6574533C
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: d2a51ee8b66355f686294fc584db6191846a7b4d8320ea2697903f75e2a01187

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:29 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1702012108
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 0
x-fb-latest-segment-ts: 4133880
alt-svc: h3=":443"; ma=86400
content-length: 1561
x-fb-origin-hit: 1
etag: 86dc1f8f25a932b9dbf289e02f18c397
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
x-fb-edge-debug: N6LHc2rbguttY7Y20XG0xRH9ldCT9m8-vGQYdnK6HvnEFBGtHJaHiR9T4NWF8iol10Vjcc9NPwlaRAYCccNezJNbrNhrX-SkWWK_KZ_Fug4
accept-ranges: bytes
timing-allow-origin: *

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 187ms
186ms Image
text/plain 3.234.113.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=mPut764fUMpXLz68l07m6fVoRPMoVHtUz0Kl3qdxahSgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HL/umX/Gj+X3gT/9Zx0Wb7snSsiXFI2SEafz+jxZGwyeY3FvW+bT4cNhvI/9VSXFmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mnMRIe3VN70k7SELUSvH9ZTrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Yd80bfjWYpPAvvrItqhAcvDPgudOT+4BGsLhmApIu7UJW5/VzPv1TkVwfTNtXjp3TfTByheM6l0l7UC8W+mjYUY2b1+taGRagB+h5LVDbTFXDjaEHqgU/3PmbtW8J6EFNT4wjgV+4EvebhDVp5y97wA==&cb=88549594
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.113.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-113-32.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:29 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 187ms
187ms Image
text/plain 3.234.113.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=mPut764fUMpXLz68l07m6fVoRPMoVHtUz0Kl3qdxahSsXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HL/umX/Gj+X3gT/9Zx0Wb7snSsiXFI2SEafz+jxZGwyeY3FvW+bT4cNhvI/9VSXFmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mnMRIe3VN70k7SELUSvH9ZTrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Yd80bfjWYpPAvvrItqhAcvDPgudOT+4BGsLhmApIu7ULeTdU870wTStyvdid4LALCwM2ZCua1Zl8BebX7mVYKVY2b1+taGRagB+h5LVDbTFXDjaEHqgU/3PmbtW8J6EFNT4wjgV+4EvebhDVp5y97wA==&cb=06610561
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.113.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-113-32.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:29 GMT
server: nginx/1.6.2

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4B63 156 B
186 B 212ms
212ms XHR
text/xml 142.250.198.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVEBATRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1659710202912412&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2FgaOWLp&description_url=https%3A%2F%2Freurl.cc%2FgaOWLp&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=BBEBFAB5-3DD3-4CEB-99AC-B2A0F8AF695E&a3p=EhoKDWNyd2RjbnRybC5uZXQSABiQz86-xDFIABIbCgwzM2Fjcm9zcy5jb20YucnOvsQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLjJzr7EMUgAUgIIZBIXCghydGJob3VzZRj_zM6-xDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVjJ0UFNVUmFPREJTYTBOeFFWSmpReXR6T0hoM1p6MDlJbjA9GObQzr7EMUgA&nel=0&eid=44772139%2C44777649%2C44781409%2C44802172%2C44804291%2C44804613&top=https%3A%2F%2Freurl.cc%2FgaOWLp&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&dlt=1702012100015&idt=5910&dt=1702012109167&cookie=ID%3D3cc8a8d3e1983000%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MZp9kTVNpz2UmMZlWgR4PLqgcvDfQ&gpic=UID%3D00000ca706487cc8%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MbQ0TUOk0kK3GVG5XOmE9Eihjwc3A&scor=4174500733603607&ged=ve4_td9_tt2_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 186ms
186ms Image
text/plain 3.234.113.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=mPut764fUMpXLz68l07m6fVoRPMoVHtUz0Kl3qdxahSgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HL/umX/Gj+X3gT/9Zx0Wb7snSsiXFI2SEafz+jxZGwyeY3FvW+bT4cNhvI/9VSXFmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mlCPzAD5eeR38lrrhdZ1PpzrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YHdJub4MG93CgYK02WW9RlcrmYp9I5o+1PfViI91RdN7AzZkK5rVmXwF5tfuZVgpVc4dR8NTFGgwSGYL8pzC7sQPH1+Z1jmcPF6Od132qOsQ13j2twbHH6ccz94QPW0fJ5alZelKiuiTcmcwQA04UZg==&cb=77075292
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.113.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-113-32.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:29 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 186ms
186ms Image
text/plain 3.234.113.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=mPut764fUMpXLz68l07m6fVoRPMoVHtUz0Kl3qdxahSsXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HL/umX/Gj+X3gT/9Zx0Wb7snSsiXFI2SEafz+jxZGwyeY3FvW+bT4cNhvI/9VSXFmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mlCPzAD5eeR38lrrhdZ1PpzrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YHdJub4MG93CgYK02WW9RlcrmYp9I5o+1PfViI91RdN59MHKF4zqXSXtQLxb6aNhReTFP+w1BH9yXSV5LQnQlDwPH1+Z1jmcPF6Od132qOsQ13j2twbHH6ccz94QPW0fJ5alZelKiuiTcmcwQA04UZg==&cb=73224784
Requested by: Host: reurl.cc
URL: https://reurl.cc/gaOWLp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.113.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-113-32.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:29 GMT
server: nginx/1.6.2

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4B63 8 KB
972 B 97ms
96ms XHR
text/xml 142.250.198.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVVATRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1659710202912412&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2FgaOWLp&description_url=https%3A%2F%2Freurl.cc%2FgaOWLp&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=BBEBFAB5-3DD3-4CEB-99AC-B2A0F8AF695E&a3p=EhoKDWNyd2RjbnRybC5uZXQSABiQz86-xDFIABIbCgwzM2Fjcm9zcy5jb20YucnOvsQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLjJzr7EMUgAUgIIZBIXCghydGJob3VzZRj_zM6-xDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVjJ0UFNVUmFPREJTYTBOeFFWSmpReXR6T0hoM1p6MDlJbjA9GObQzr7EMUgA&nel=0&eid=44772139%2C44777649%2C44781409%2C44802172%2C44804291%2C44804613&top=https%3A%2F%2Freurl.cc%2FgaOWLp&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&dlt=1702012100015&idt=5910&dt=1702012109386&cookie=ID%3D3cc8a8d3e1983000%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MZp9kTVNpz2UmMZlWgR4PLqgcvDfQ&gpic=UID%3D00000ca706487cc8%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MbQ0TUOk0kK3GVG5XOmE9Eihjwc3A&scor=4174500733603607&ged=ve4_td9_tt2_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f2.1e100.net

Software

cafe /

Resource Hash

154d8959cb53f0d1923d75e9c286f08c95563d1ee80a43decdf9119707334d3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 902
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 79CC 0
0 59ms
59ms Fetch
image/gif 142.250.196.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssN_5Mo1cQVpuGLGcpMyJu7FJAsHP4sdyHdcmY9CfRwHJq9AljmIoIN_mDfaTwhNA8LXkXpqjBSAyFrmOu1pd04TtRgFt5SPnL3pTPpuHjZDgp4XUi_TNYMV572yzjsO5zjCVBQRtQzHbnDo-RMQcJ-w4AjeIACfR6Rh-EI9NwSOlXX2zf-yt3eE4FMY2rtby0pBX6APx1GLOqk6CBXcklARS1dYkVMU-QqhhCT_t3vqYWbkoWGb351PFtXMNyaj1plpnGWqbHuW0VOiY12sSGic_RgSPuTeLXvmGV7GSs60V4VWBb6nVZcUhbBoNeRBQgZpAr_OVTNAy4w9GgwYdR-NS1sA0SRYlaefNncMoneg3yzhliaUVoX5aJy8IW96Ds&sai=AMfl-YSviFE4yk2VaVhFw7NcmuC9vBclvjYTTv33zz_vmFXDvYw2QVHEQJ3P0RK_8qjsEfoWs_RITSkO5XbZ_gXpjJObKuCibCFGS6HucSi8Ycauoe-P0JX_wPVORtrZY_N0xwYCTtEU5EvvCeg-Ng4vo4b1u23HwC2ApXB4Eg&sig=Cg0ArKJSzEmYODqi_gRxEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.196.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s35-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 08 Dec 2023 05:08:29 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4B63 156 B
185 B 92ms
91ms XHR
text/xml 142.250.198.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2FVideo1%2FVVVATRVD_reurl.cc&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&url=https%3A%2F%2Freurl.cc%2FgaOWLp&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Freurl.cc%2FgaOWLp&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.62%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&bumper=before&max_ad_duration=30000&min_ad_duration=0&sid=BBEBFAB5-3DD3-4CEB-99AC-B2A0F8AF695E&ad_type=video&adk=2925625687&correlator=1659710202912412&ctv=0&dlt=1702012100015&dt=1702012109487&ged=ve4_td9_tt2_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&idt=5910&is_amp=0&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&npa=false&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=4174500733603607&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Freurl.cc%2FgaOWLp&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44802172%2C44804291%2C44804613&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=104502601&kfa=0&tfcd=0&a3p=EhoKDWNyd2RjbnRybC5uZXQSABiQz86-xDFIABIbCgwzM2Fjcm9zcy5jb20YucnOvsQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLjJzr7EMUgAUgIIZBIXCghydGJob3VzZRj_zM6-xDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVjJ0UFNVUmFPREJTYTBOeFFWSmpReXR6T0hoM1p6MDlJbjA9GObQzr7EMUgA&cookie=ID%3D3cc8a8d3e1983000%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MZp9kTVNpz2UmMZlWgR4PLqgcvDfQ&gpic=UID%3D00000ca706487cc8%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MbQ0TUOk0kK3GVG5XOmE9Eihjwc3A

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 70ms
69ms XHR
application/json 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312050101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

b31ea2eebf5845a5910d7206bd04a9505e956328277584b8e7414755ef29224d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12297
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 74AE 15 KB
6 KB 19ms
19ms Document
text/html 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

35aea5afa69eee0a6a77678f980729d3893f8ff4b2872e749c4b7f6375503710

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 05:08:29 GMT
server: Kestrel
server-processing-duration-in-ticks: 937400
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4B63 156 B
186 B 632ms
631ms XHR
text/xml 142.250.198.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2FVideo1%2FVVVATRVD_reurl.cc&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&url=https%3A%2F%2Freurl.cc%2FgaOWLp&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Freurl.cc%2FgaOWLp&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.62%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&pmnd=0&pmxd=180000&max_ad_duration=120000&sid=BBEBFAB5-3DD3-4CEB-99AC-B2A0F8AF695E&ad_type=video&adk=2925625687&correlator=1659710202912412&ctv=0&dlt=1702012100015&dt=1702012109583&ged=ve4_td10_tt3_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491&idt=5910&is_amp=0&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&npa=false&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=4174500733603607&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Freurl.cc%2FgaOWLp&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44802172%2C44804291%2C44804613&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=104502601&kfa=0&tfcd=0&a3p=EhoKDWNyd2RjbnRybC5uZXQSABiQz86-xDFIABIbCgwzM2Fjcm9zcy5jb20YucnOvsQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLjJzr7EMUgAUgIIZBIXCghydGJob3VzZRj_zM6-xDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVjJ0UFNVUmFPREJTYTBOeFFWSmpReXR6T0hoM1p6MDlJbjA9GObQzr7EMUgA&cookie=ID%3D3cc8a8d3e1983000%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MZp9kTVNpz2UmMZlWgR4PLqgcvDfQ&gpic=UID%3D00000ca706487cc8%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MbQ0TUOk0kK3GVG5XOmE9Eihjwc3A

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:30 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7C1C 0
56 B 55ms
55ms Ping
image/gif 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5266501082883&version=m202309260101&ct=77&x=1&cor=3503317274754980400

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 74AE 436 B
557 B 56ms
55ms Fetch
application/json 182.161.74.11
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=reurl.cc&sn=ChromeSyncframe&so=3&topUrl=reurl.cc&bundle=XHz9ZF9MJTJGdFpJUTVINUllSllobmo4QnpSbm15T2drRFdtdUM4QW05Q3Q1d2liT3hobmZUNTdFSW1USkx6Q1k4WUM4U2pvTjl0RlFkMEtNJTJGcTkxU0hyZnR1NlQySnlES3B6Q0lVd2IzJTJCS0htTlhFQm5jaWxVbThsZDN2eFRmWmR5eHpVTmFCTVd5UU9NSXVUUjBBODJhRFByaHclM0QlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e0db260abc2e8d5c0369d7b47cf054c691ea7c7e1ec634ee9121254ed8e8a61a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: ja-JP
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=reurl.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:29 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 798886
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 120ms
119ms Script
text/javascript 172.217.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312050101/pubads_impl.js?cb=31079992

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 05:08:29 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 05AA 13 KB
5 KB 17ms
17ms Document
text/html 172.217.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.174.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s28-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

accept-ranges: bytes
age: 59141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 12:42:48 GMT
expires: Fri, 06 Dec 2024 12:42:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D754 829 B
997 B 63ms
63ms Document
text/html 142.250.199.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.199.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s52-in-f4.1e100.net

Software

GSE /

Resource Hash

78ec11a4740f0369c1dd9d837cd42e000fbfc2b219fedf4ecfe02f4e02992de4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OUcwSmIRd1wdFGAN8MHPUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://reurl.cc/gaOWLp
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language: ja-JP

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-OUcwSmIRd1wdFGAN8MHPUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 05:08:29 GMT
expires: Fri, 08 Dec 2023 05:08:29 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 05AA 39 KB
15 KB 15ms
15ms Script
text/javascript 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 20:20:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 06 Dec 2024 20:20:40 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D754 0
0 61ms
60ms Image
text/html 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312050101&jk=2279783616362417&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s54-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 05AA 0
40 B 14ms
13ms Image
text/plain 172.217.174.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TvNIPA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.174.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt12s28-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 744480944374037_0-2060.m4v
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/ Frame 520E 16 KB
0 1067ms
1067ms Fetch
video/mp4 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-qd-v/744480944374037_0-2060.m4v?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:31 GMT
x-fb-dynamic-latest-segment-id: 2059
x-fb-dynamic-predictive-response-chunk-size: 15942
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
alt-svc: h3=":443"; ma=86400
x-fb-first-keyframe-offset: 4934
x-fb-origin-hit: 0
x-fb-video-livetrace-encoding: dash-lp-qd
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-LiveTrace-Ids, X-FB-Video-LiveTrace-ParentSource, X-FB-Video-LiveTrace-Encoding, X-FB-Video-LiveTrace-StreamType, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=10800
accept-ranges: bytes
timing-allow-origin: *
x-fb-response-time-ms: 1050
x-fb-video-livetrace-parentsource: CDN:elb:H:nrt1c02:dash-lp-qd:1201

GET
H2 200 744480944374037.mpd Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/dash-abr3/ Frame 520E 11 KB
2 KB 17ms
17ms Fetch
application/dash+xml 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/dash-abr3/744480944374037.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfBsLASjkgsE8ecOXVZGZpvW3KBt8WzfJN_buqU7B2-NUA&oe=6574533C
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: d2a51ee8b66355f686294fc584db6191846a7b4d8320ea2697903f75e2a01187

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:30 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1702012108
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
x-fb-latest-segment-ts: 4133880
alt-svc: h3=":443"; ma=86400
content-length: 1561
x-fb-origin-hit: 1
etag: 86dc1f8f25a932b9dbf289e02f18c397
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
accept-ranges: bytes
timing-allow-origin: *

GET 744480944374037_0-2060.m4a
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/ Frame 520E 0
0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4B63 156 B
185 B 268ms
268ms XHR
text/xml 142.250.198.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2FVideo1%2FVVVATRVD_reurl.cc&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&url=https%3A%2F%2Freurl.cc%2FgaOWLp&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Freurl.cc%2FgaOWLp&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.62%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&bumper=after&max_ad_duration=30000&min_ad_duration=0&sid=BBEBFAB5-3DD3-4CEB-99AC-B2A0F8AF695E&ad_type=video&adk=2925625687&correlator=1659710202912412&ctv=0&dlt=1702012100015&dt=1702012110226&ged=ve4_td10_tt3_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&idt=5910&is_amp=0&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&npa=false&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=4174500733603607&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Freurl.cc%2FgaOWLp&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44802172%2C44804291%2C44804613&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=104502601&kfa=0&tfcd=0&a3p=EhoKDWNyd2RjbnRybC5uZXQSABiQz86-xDFIABIbCgwzM2Fjcm9zcy5jb20YucnOvsQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLjJzr7EMUgAUgIIZBIXCghydGJob3VzZRj_zM6-xDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVjJ0UFNVUmFPREJTYTBOeFFWSmpReXR6T0hoM1p6MDlJbjA9GObQzr7EMUgA&cookie=ID%3D3cc8a8d3e1983000%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MZp9kTVNpz2UmMZlWgR4PLqgcvDfQ&gpic=UID%3D00000ca706487cc8%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MbQ0TUOk0kK3GVG5XOmE9Eihjwc3A

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 bz Show response
www.facebook.com/ajax/ Frame 520E 0
152 B 154ms
154ms XHR
text/html 31.13.82.36
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/ajax/bz?__a=1&__ccg=EXCELLENT&__dyn=7xeUmKewgUng5KbwKBAodo6C2i5U4e1Fx-ewPG323616whoS2S2bwmo3vx60Vo8olwe21wKE4W15w8i0KEswIwuo667Uy1nzUmw5Cx62G3i0ha2l2Utw78waOfwbK0RE5a1qw8W5U4q0HUvw4Jwp8ow46wbS1Lwqo2Ywcq0mW&__hs=19699.BP%3Aplugin_video_pkg.2.0..0.0&__hsi=7310086324266958708&__req=5&__rev=1010293015&__s=%3A%3A6drdjk&__sp=1&__user=0&dpr=1&jazoest=21902&locale=en_US&lsd=zjV_U8mNeM2Z2sTZ8MmnVF

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/3_USCBHvE2b.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

31.13.82.36 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-nrt1.facebook.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v3.2/plugins/video.php?app_id=&autoplay=true&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9073c6e16fd%26domain%3Dreurl.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Freurl.cc%252Ff15261ffc304fb%26relation%3Dparent.parent&container_width=280&height=182&href=https%3A%2F%2Fwww.facebook.com%2Fbackstagetime%2Fvideos%2F1345243609461164&locale=en_US&sdk=joey&show_text=false&width=280
accept-language: ja-JP
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryDpND2utU1HLM6OSk

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Fri, 08 Dec 2023 05:08:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
pragma: no-cache
x-fb-debug: 9JkGR3AIKK2v2Zzn4IqP8qbuMXSB5q+RDXAk0v4Fd/KP8eMdAoYUoFe3/i5WpaZomyTgi076bTWDSGNNRxpccg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
access-control-allow-methods: OPTIONS
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
vary: Origin
content-type: text/html; charset="utf-8"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 79CC 42 B
108 B 58ms
58ms Fetch
image/gif 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuUye1KOFJqDDP7uIs_usFPl26CT_fcBBRYpUhjxTM8yvByplE4c3fvujCTX2_-siGt0V2x2s1K6GKyTnmQoRNiGJkGnaUL2tUg27KcznYOM-dfOA8Gyh8h8mvvZZODnU9Y1AFOUOt3vQ&sai=AMfl-YQv-bRfs7C1vU3uU7ymxYwtsP7teW3ALVozx9GhpVFfXT5sY84&sig=Cg0ArKJSzKRD36HTjdyEEAE&id=lidar2&mcvt=1000&p=108,625,362,925&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231206&bin=7&avms=nio&bs=1600,1200&mc=0.98&vu=1&app=0&itpl=19&adk=3242553145&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702012102634&rpt=6773&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.207.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt13s54-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 05:08:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 142.250.207.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312050101&jk=2279783616362417&bg=!srGlsf7NAAY3kmNgF5I7ADQBe5WfOJtuzvwGTPLpD3sl8BnGWFWRHJYqe2NrxoXYthmsvg5upkxhZVRjFVSL_BSq0l1MAgAAAFVSAAAAAmgBBwoAJtSma9FnVggF1sI1umERxPHuSQ9H5iqh-MmcQfYX6NhBIsD2Z1qTmQLl2nPl80UGDpIziHsaIdLAf4IYA7Cd_KoLQDwpfaEzaEKVyzfuawjwa3GYpypqCE3yYhJthPrnDaVryL7QYKj6iL5la6o-vpZXxuBwzYfJZ711_ehjbc__Fxiqygfz7p8EauD5ajBXsNIoY-_6X4t4hJ5hBiftS6KzEXAhJ0qSOoEdPv8upYW4XLMl5PqPsxFrfyVE02CNaWIKKHjRRYYXo1MAD3dLhMRWxfgOqRFZ2WubKXRvCFSRSwRzcgNNQw-1VjVLdT1qHNRkSJV-094wxRL315359ylO-Qf3gVSIPa0HrnoNumTWIVIydXk9-BuordWNvDehOyJDJC0A-vnRjF7472z97ZklHD2MATM7qGmg9pXTFyU_HHLviFS8JX9DB8XuVewJnP67aSexUWpw_hm6KO4VV-yuSaNdRQbo53Sc85Pk6kljjMzan2bgQfDw-ECLmKd4KsXhXVTHF1nKDu64H8OzywnOYq7UPEPYm2TaGMqbrfdB7qaliFwHF5U0itJBQcP4LrlwwKwWv2vMPTxCKvi0wdFc1DFySo6CsaUFm_otWs6kGVX6K1Ut9mHAxjQ2g3EqJLJ4eO_1rFNxSDOG-We6M66ljDtA9KOzNOhqg9uGAp4viQv2vhAxH6ThZUYIiBws5q7dQNwyN81mTXvtKdM8A6JT6zxjd74n_Ru7VXp3k_8XRFV1SFQ-jGtk5Y2hBPdCymMCqgi694Ro-U5ZXGXUh-JJA1myTw3fo3pHSzSPnAES_CULpbmlxTriaN7c9nlSLIVz1_wd8_3KA4ncR-jxnEO9dfK_XtUyxyltZ82az0hfJ21gmSy3oTY0Fhmq3IXa8GI5H7yh_bYcqyH7_JN9yYttkNtxj8x1SwzbUOEA3wWrvLA_zfbGf1FAj0UTj0-UJq850m-DT5R7yZh8h4T5A2taJLbo8jaokyf2RHZLjNOzTh9XatHx89U8H6Gtd4oLPeoToLY10nv7kEuA97-d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.207.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: nrt13s54-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 189ms
189ms Image
text/plain 3.234.113.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=mPut764fUMpXLz68l07m6fVoRPMoVHtUz0Kl3qdxahSgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HL/umX/Gj+X3gT/9Zx0Wb7snSsiXFI2SEafz+jxZGwyeY3FvW+bT4cNhvI/9VSXFmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9m0sllZ0XlZoJ5cABoCKGCIjrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YUbgfRU35Ng3wx+2WnpLSy8Kn4BQmcpwjFal5oSqF7+pL6/6bjzykFx1cfoywZSzAWo5MjD/Bz+AwOLWI+OomroBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=42436911
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.113.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-113-32.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:30 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 187ms
187ms Image
text/plain 3.234.113.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=mPut764fUMpXLz68l07m6fVoRPMoVHtUz0Kl3qdxahSsXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HL/umX/Gj+X3gT/9Zx0Wb7snSsiXFI2SEafz+jxZGwyeY3FvW+bT4cNhvI/9VSXFmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9m0sllZ0XlZoJ5cABoCKGCIjrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7YUbgfRU35Ng3wx+2WnpLSy8Kn4BQmcpwjFal5oSqF7+pogipnm5WLZ+KL3+1jLiFz2wrLExwEDBX/VU/6b2ZUPoBskML2Qqyjk5HQCQ9q82hr7o8Pp49C1kMypTNe3D1J+iBSAOP9R97MfLyXfhRIOw==&cb=52804648
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.113.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-113-32.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:30 GMT
server: nginx/1.6.2

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4B63 156 B
186 B 210ms
210ms XHR
text/xml 142.250.198.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22065771467%2C104502601%2Fvideo_1%2FVEIVTRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1659710202912412&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2FgaOWLp&description_url=https%3A%2F%2Freurl.cc%2FgaOWLp&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=BBEBFAB5-3DD3-4CEB-99AC-B2A0F8AF695E&a3p=EhoKDWNyd2RjbnRybC5uZXQSABiQz86-xDFIABIbCgwzM2Fjcm9zcy5jb20YucnOvsQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLjJzr7EMUgAUgIIZBIXCghydGJob3VzZRj_zM6-xDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVjJ0UFNVUmFPREJTYTBOeFFWSmpReXR6T0hoM1p6MDlJbjA9GObQzr7EMUgA&nel=0&eid=44772139%2C44777649%2C44781409%2C44802172%2C44804291%2C44804613&top=https%3A%2F%2Freurl.cc%2FgaOWLp&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&dlt=1702012100015&idt=5910&dt=1702012110507&cookie=ID%3D3cc8a8d3e1983000%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MZp9kTVNpz2UmMZlWgR4PLqgcvDfQ&gpic=UID%3D00000ca706487cc8%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MbQ0TUOk0kK3GVG5XOmE9Eihjwc3A&scor=4174500733603607&ged=ve4_td11_tt4_pd11_la11000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f2.1e100.net

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:30 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 187ms
187ms Image
text/plain 3.234.113.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=mPut764fUMpXLz68l07m6fVoRPMoVHtUz0Kl3qdxahSgdTf1SarMkZtmyr/dcH6cVExUPGTUHftdMiMb4e6x9HL/umX/Gj+X3gT/9Zx0Wb7snSsiXFI2SEafz+jxZGwyeY3FvW+bT4cNhvI/9VSXFmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mBpYyaHMi29T6ng+Z7I5qajrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Yds6YRUHXdHu8tNCTgMEhQfcpECDG9HGLhqcdgwebs/rAzZkK5rVmXwF5tfuZVgpVfDvDLePlyWPSxRWcUwna6Vi8gWsGhyIKKYJ2gweKbLQP2hraVE/V3KNkU1pIUAGSeI3n8QOm0kzbQeuxVhH4mg==&cb=60874437
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.113.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-113-32.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:30 GMT
server: nginx/1.6.2

GET
H2 204 pixel.gif
p.trvdp.com/ 0
50 B 186ms
186ms Image
text/plain 3.234.113.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.trvdp.com/pixel.gif?e=mPut764fUMpXLz68l07m6fVoRPMoVHtUz0Kl3qdxahSsXrzv4cLk51fMgx6xyuDeVExUPGTUHftdMiMb4e6x9HL/umX/Gj+X3gT/9Zx0Wb7snSsiXFI2SEafz+jxZGwyeY3FvW+bT4cNhvI/9VSXFmierrnnY1xAKO5hiArKYj9bOnJzlX3D0+iM2VuLMw9mBpYyaHMi29T6ng+Z7I5qajrwpIYso4IVP/hhdEekNkOdDf82Og9NMKA685Ofpv7Yds6YRUHXdHu8tNCTgMEhQfcpECDG9HGLhqcdgwebs/ogu2nwxw96QcYViOZze/FRq9HLJDwItcDup9HjY6Nh6li8gWsGhyIKKYJ2gweKbLQP2hraVE/V3KNkU1pIUAGSeI3n8QOm0kzbQeuxVhH4mg==&cb=80703515
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.234.113.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-113-32.compute-1.amazonaws.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: ja-JP
Referer: https://reurl.cc/gaOWLp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:30 GMT
server: nginx/1.6.2

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 4B63 8 KB
1018 B 265ms
265ms XHR
text/xml 142.250.198.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22247219933%2C104502601%2FVideo1%2FVVIVTRVD_reurl.cc&tfcd=0&npa=0&npa=0&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1659710202912412&vad_type=linear&pod=1&ad_type=video&url=https%3A%2F%2Freurl.cc%2FgaOWLp&description_url=https%3A%2F%2Freurl.cc%2FgaOWLp&pmad=5&pmnd=0&pmxd=180000&vpos=preroll&vpa=auto&sdkv=h.3.608.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=truvid&mpv=1.0.0&sdki=445&ptt=20&adk=2925625687&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.608.2&sid=BBEBFAB5-3DD3-4CEB-99AC-B2A0F8AF695E&a3p=EhoKDWNyd2RjbnRybC5uZXQSABiQz86-xDFIABIbCgwzM2Fjcm9zcy5jb20YucnOvsQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLjJzr7EMUgAUgIIZBIXCghydGJob3VzZRj_zM6-xDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVjJ0UFNVUmFPREJTYTBOeFFWSmpReXR6T0hoM1p6MDlJbjA9GObQzr7EMUgA&nel=0&eid=44772139%2C44777649%2C44781409%2C44802172%2C44804291%2C44804613&top=https%3A%2F%2Freurl.cc%2FgaOWLp&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&dlt=1702012100015&idt=5910&dt=1702012110729&cookie=ID%3D3cc8a8d3e1983000%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MZp9kTVNpz2UmMZlWgR4PLqgcvDfQ&gpic=UID%3D00000ca706487cc8%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MbQ0TUOk0kK3GVG5XOmE9Eihjwc3A&scor=4174500733603607&ged=ve4_td11_tt4_pd11_la11000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.608.2_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.198.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

nrt12s58-in-f2.1e100.net

Software

cafe /

Resource Hash

7ad3018fadcc481cde521f59563f00445e75ddd164cce1a6928632a62b3577a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: ja-JP
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 944
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ads
pubads.g.doubleclick.net/gampad/ Frame 4B63 0
0

GET
H2 200 744480944374037.mpd Show response
video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/dash-abr3/ Frame 520E 11 KB
2 KB 18ms
18ms Fetch
application/dash+xml 157.240.31.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/dash-abr3/744480944374037.mpd?ccb=2-4&ms=m_CTPAL&sc_t=1&oh=00_AfBsLASjkgsE8ecOXVZGZpvW3KBt8WzfJN_buqU7B2-NUA&oe=6574533C
Requested by: Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/14huexud5ZL.js?_nc_x=Ij3Wp8lg5Kz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.31.8 Tokyo, Japan, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-video-shv-02-nrt1.fbcdn.net
Software: /
Resource Hash: 01aaadeef1658814287b7107d230d24117c8dc33d3729c4194f47f0980594553

Request headers

accept-language: ja-JP
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 05:08:31 GMT
content-encoding: gzip
x-fb-content-creation-ts: 1702012110
cross-origin-resource-policy: cross-origin
x-fb-edge-hit: 1
x-fb-latest-segment-ts: 4133880
alt-svc: h3=":443"; ma=86400
content-length: 1568
x-fb-origin-hit: 1
etag: 053b78d5b5f140df773fc9a122d4f629
vary: Origin, Origin
content-type: application/dash+xml
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: Date, x-fb-video-replica, proxy-status, X-FB-ONE, X-FB-ONE-VARIANT, x-fb-dynamic-state, x-fb-dynamic-live-heads, x-fb-dynamic-bitrates, x-fb-dynamic-latest-segment-id, x-fb-segment-pts-start, x-fb-next-valid-segment-id, x-fb-dynamic-quality-backup, x-fb-dynamic-predictive-response-chunk-size, X-FB-Video-Broadcast-Ended, x-fb-fna-hit, x-fb-edge-hit, x-fb-origin-hit, X-FB-Connection-Quality, x-fb-response-time-ms, x-fb-dynamic-latest-segment-id, x-bwe-mean, x-bwe-std-dev, x-fb-dynamic-status, x-mrtt-ms, x-fb-dynamic-client-wallclock-ms, x-fb-dynamic-client-wallclock-offset-ms, x-fb-dynamic-server-wallclock-ms, x-fb-dynamic-response-wallclock-ms, x-fb-dynamic-rtt-ms, x-fb-ull-ssbwe-v1, x-fb-ull-ssbwe-v4, x-fb-ull-ssbwe-v4alt
cache-control: max-age=1
accept-ranges: bytes
timing-allow-origin: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: video-nrt1-2.xx.fbcdn.net
URL: https://video-nrt1-2.xx.fbcdn.net/hvideo-nha-pnb/_nc_cat-106/_nc_sr_t-4/v/rASd2DeEjag9Io40lBM_aXoR5GzasbCmBagN6lqyLixzSmw/_nc_ohc-FZ5ut5deRssAX8Z1ONo/live-dash/ID/dash-lp-md-a/744480944374037_0-2060.m4a?ms=m_CL&ccb=2-4&sc_t=1&_nc_sc=1

Domain: pubads.g.doubleclick.net
URL: https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F22247219933%2FVideo1%2FVVIVTRVD_reurl.cc&sz=1x1%7C400x300%7C640x480%7C640x360%7C300x250%7C320x180%7C640x360%7C1024x768%7C1280x720%7C444x250%7C480x360%7C600x252&url=https%3A%2F%2Freurl.cc%2FgaOWLp&unviewed_position_start=1&env=vp&gdfp_req=1&ad_rule=0&output=xml_vast4&video_url_to_fetch=https%3A%2F%2Freurl.cc%2FgaOWLp&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.62%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&vrid=1380829&bumper=before&max_ad_duration=30000&min_ad_duration=0&sid=BBEBFAB5-3DD3-4CEB-99AC-B2A0F8AF695E&ad_type=video&adk=2925625687&correlator=540580590256986&ctv=0&dlt=1702012100015&dt=1702012111008&ged=ve4_td11_tt4_pd11_la11000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491&idt=5910&is_amp=0&loc=https%3A%2F%2Freurl.cc%2FgaOWLp&npa=false&omid_p=Google1%2Fh.3.608.2&osd=2&ptt=20&scor=4174500733603607&sdk_apis=2%2C7%2C8&top=https%3A%2F%2Freurl.cc%2FgaOWLp&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44802172%2C44804291%2C44804613&hl=en&frm=0&mpt=truvid&mpv=1.0.0&sdki=445&sdkv=h.3.608.2&sdr=1&vpa=auto&nel=0&afvsz=450x50%2C468x60%2C480x70&cnc=104502601&deg_qid=CLvVj5qJ_4IDFRiK6QUd5lAJ2Q&degraded=true&kfa=0&tfcd=0&a3p=EhoKDWNyd2RjbnRybC5uZXQSABiQz86-xDFIABIbCgwzM2Fjcm9zcy5jb20YucnOvsQxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGLjJzr7EMUgAUgIIZBIXCghydGJob3VzZRj_zM6-xDFIAFICCGoSPgoFb3BlbngSLGV5SnBJam9pVjJ0UFNVUmFPREJTYTBOeFFWSmpReXR6T0hoM1p6MDlJbjA9GObQzr7EMUgA&cookie=ID%3D3cc8a8d3e1983000%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MZp9kTVNpz2UmMZlWgR4PLqgcvDfQ&gpic=UID%3D00000ca706487cc8%3AT%3D1702012101%3ART%3D1702012101%3AS%3DALNI_MbQ0TUOk0kK3GVG5XOmE9Eihjwc3A

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

83 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.reurl.cc/	1970-01-20 16:48:18	Name: _gid Value: GA1.2.461807772.1702012101
.reurl.cc/	1970-01-20 16:46:52	Name: _gat Value: 1
.reurl.cc/	1970-01-20 18:56:28	Name: _fbp Value: fb.1.1702012101104.355381421
.prnasia.com/	1970-01-20 16:46:53	Name: __cf_bm Value: cmKnBRntOXoZkaA5U1F5ysOzhrB_U1nCBtUs_jJSrEc-1702012101-0-AU+kooy+IjktJ2l0V0dVRz5IoEW/OIb8TFU0IQqwRdhhDV1guIfM9Xy5iDs4JDRgtm7jY+57T5Ijj2cEi2dmzGA=
.reurl.cc/	1970-01-21 02:22:52	Name: _ga Value: GA1.1.818198690.1702012101
.openx.net/	1970-01-21 01:32:28	Name: i Value: 5a43880d-9f34-4640-aa01-1702facf31c2\|1702012102
.doubleclick.net/	1970-01-21 02:22:52	Name: IDE Value: AHWqTUlRivF0wiofueRBp6qF46XeMwYNQc46OLjSp9O31cy4w40SRVkVXXdQxVw7OPw
.crwdcntrl.net/	1970-01-20 23:15:40	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-20 23:15:40	Name: _cc_id Value: 3f90d70ae07513aa0b297a3625eb449c
.reurl.cc/	1970-01-20 23:15:40	Name: _cc_id Value: 3f90d70ae07513aa0b297a3625eb449c
.reurl.cc/	1970-01-20 16:48:18	Name: panoramaId_expiry Value: 1702098502463
.reurl.cc/	1970-01-21 02:08:28	Name: __gads Value: ID=3cc8a8d3e1983000:T=1702012101:RT=1702012101:S=ALNI_MZp9kTVNpz2UmMZlWgR4PLqgcvDfQ
.reurl.cc/	1970-01-21 02:08:28	Name: __gpi Value: UID=00000ca706487cc8:T=1702012101:RT=1702012101:S=ALNI_MbQ0TUOk0kK3GVG5XOmE9Eihjwc3A
.reurl.cc/	1970-01-21 02:22:52	Name: _ga_N394QBRGC0 Value: GS1.1.1702012101.1.0.1702012102.59.0.0
.openx.net/	1970-01-20 17:08:28	Name: pd Value: v2\|1702012102\|jElYiuvOhI
.adsrvr.org/	1970-01-21 01:33:54	Name: TDID Value: 881cf4a2-e987-4e73-995b-5bb680f9b34d
.ladsp.com/	1970-01-20 16:46:55	Name: cr Value: 1
.socdm.com/	1970-01-21 02:22:52	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNzAyMDEyMTAyfQ
.ladsp.com/	1970-01-21 02:22:52	Name: smn_uid Value: YpQujX9TS50XpF3NAVc7VxA5qY8xV0U
.ladsp.com/	1970-01-21 02:22:52	Name: lum Value: CL_Szr7EMRIFCAMQ0AU
.openx.net/	1970-01-20 17:08:28	Name: univ_id Value: 537072971\|881cf4a2-e987-4e73-995b-5bb680f9b34d\|1702012103014080
.criteo.com/	1970-01-21 02:08:28	Name: receive-cookie-deprecation Value: 1
.criteo.com/	1970-01-21 02:08:28	Name: uid Value: 8478d161-b4eb-4ce7-a973-765d3c585d78
.reurl.cc/	1970-01-20 17:30:04	Name: ISMD5VERSION Value: 1
.reurl.cc/	1970-01-20 17:30:04	Name: CFFPCKUUID Value: 6181-jq4VNl5BMTsbVcEoQFJvaEvzzfExoFaZ
.reurl.cc/	1970-01-20 17:30:04	Name: CFFPCKUUIDMAIN Value: 5333-73CZljTmPZJ4wmbELHII8jkBBSVLkD6j
.reurl.cc/	1970-01-20 17:30:04	Name: FPUUID Value: 5333-176568ad236039a8f1b54e6d43cb41e6
.holmesmind.com/	1970-01-20 16:48:18	Name: fcm Value: 1
.lndata.com/	1970-01-21 01:32:56	Name: admckid Value: 2312081308221339118
.send.microad.jp/	1970-01-20 18:56:28	Name: TR Value: 6020a9d8314ac5934ebc8b958b1cf6f4ffaa6e7ed5c88e35
.hinet.net/	1970-01-21 02:22:52	Name: uuid Value: 68c355f7-9a7a-4602-ad1f-bb774a29aaa3
.casalemedia.com/	1970-01-20 18:56:28	Name: CMPS Value: 5455
.holmesmind.com/	1970-01-21 02:22:52	Name: P Value: 659055-aI5jU3uQUDPpYrHXEI6Mv1tuqgYwPJPz
.holmesmind.com/	1970-01-20 17:07:59	Name: Vision Value: 20231208-23:59,20231208-16,20231208-16,20231208-23:59
.holmesmind.com/	1970-01-20 17:07:59	Name: C Value: null
.holmesmind.com/	1970-01-20 19:11:49	Name: RK Value: null
.reurl.cc/	1970-01-21 01:32:28	Name: __htid Value: 68c355f7-9a7a-4602-ad1f-bb774a29aaa3
.reurl.cc/	1970-01-20 16:46:55	Name: _ht_em Value: 1
.casalemedia.com/	1970-01-21 01:32:28	Name: CMID Value: ZXKkx1YnPe.0WwXniI9nTQAA
.casalemedia.com/	1970-01-20 18:56:28	Name: CMPRO Value: 5455
.c.appier.net/	1970-01-21 01:32:28	Name: _auid Value: APd_7tM1Bwmjt1uBx6RyZQ
.doubleclick.net/	1970-01-20 21:06:04	Name: APC Value: AfxxVi4_FjGEaC-zoq0GzT5xpIxJ51EynmcfK75YhIdJe7RjC-mu7g
.doubleclick.net/	1970-01-20 17:30:04	Name: ar_debug Value: 1
.googleadservices.com/	1970-01-20 18:56:28	Name: ar_debug Value: 1
.reurl.cc/	1970-01-20 18:13:48	Name: truvid_protected Value: {"val":"c","level":1,"geo":"JP","timestamp":1702012105}
.flashtalking.com/	1970-01-21 02:16:16	Name: flashtalkingad1 Value: "GUID=5820B310EF8164"
stg.truvidplayer.com/	1970-01-20 18:13:16	Name: truvid_protected_s Value: %7B%22val%22%3A%22c%22%2C%22level%22%3A%221%22%2C%22geo%22%3A%22JP%22%2C%22timestamp%22%3A1702012105%7D
.flashtalking.com/	1970-01-21 01:32:28	Name: _D9J Value: 073e6eaae14741a18d987f73bbb498fb
.ads.stickyadstv.com/	1970-01-20 17:30:04	Name: UID Value: da92ae8ff658b34bda3f11181f6d4
.ads.stickyadstv.com/	1970-01-20 17:07:01	Name: uid-bp-30833 Value: 1
.rubiconproject.com/	1970-01-21 01:32:28	Name: khaos Value: LPW62AIL-T-C3RZ
.adsrvr.org/	1970-01-21 01:33:54	Name: TDCPM Value: CAESFgoHcnViaWNvbhILCJrbruW37bs8EAUYBSACKAIyCwi6idfsze27PBAFOAE.
.bidr.io/	1970-01-21 02:15:22	Name: bito Value: AAD48E7K5UoAADtJEYbW3w
.bidr.io/	1970-01-21 02:15:22	Name: bitoIsSecure Value: ok
.amazon-adsystem.com/	1970-01-21 02:22:52	Name: ad-privacy Value: 0
pixel.rubiconproject.com/	1970-01-20 18:56:28	Name: receive-cookie-deprecation Value: 1
pixel-us-east.rubiconproject.com/	1970-01-20 18:56:28	Name: receive-cookie-deprecation Value: 1
.stg.truvidplayer.com/	1970-01-20 18:13:16	Name: trv_usersync Value: {"optout":false,"uids":{"rubicon":"LPW62AIL-T-C3RZ"},"created":1702012107}
.adnxs.com/	1970-01-20 18:56:28	Name: anj Value: dTM7k!M40DF7/.XF']wIg2C$St%qyk!]tbP6j2F-.aDyjByG0>mc=U'gkN5a:qRnkkk4FTn>T/n]7af<QEVk`!=7#n6wk9a
.adnxs.com/	1970-01-20 18:56:28	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJydWJpY29uIjp7InVpZCI6IkxQVzYyQUlMLVQtQzNSWiIsImV4cGlyZXMiOiIyMDI0LTAzLTA3VDA1OjA4OjI3WiJ9fSwiYmlydGhkYXkiOiIyMDIzLTEyLTA4VDA1OjA4OjI3WiJ9
.tapad.com/	1970-01-20 18:13:16	Name: TapAd_TS Value: 1702012107783
.tapad.com/	1970-01-20 18:13:16	Name: TapAd_DID Value: e4b8908d-2301-4590-ad3a-46b84e3d7108
.sharethrough.com/	1970-01-20 17:30:04	Name: stx_user_id Value: fe51de7c-f657-4329-9df5-62cb7605ba71
.tapad.com/	1970-01-20 18:13:16	Name: TapAd_3WAY_SYNCS Value:
.yahoo.com/	1970-01-21 01:32:49	Name: A3 Value: d=AQABBMukcmUCEFuX94ILDccdF-TnnnNcxjwFEgEBAQH2c2V8ZQAAAAAA_eMAAA&S=AQAAAhM2EHKPkzoYO2bnLcgAJj8
.linkedin.com/	1970-01-21 01:32:28	Name: bcookie Value: "v=2&3b20d90a-fb5e-453f-8244-5723a4592f20"
.linkedin.com/	1970-01-20 16:48:18	Name: lidc Value: "b=VGST04:s=V:r=V:a=V:p=V:g=3082:u=1:x=1:i=1702012107:t=1702098507:v=2:sig=AQGsaLctQCcyFjhMYAGipK8T0V6NVOtB"
.prebid.a-mo.net/	1970-01-20 16:48:18	Name: _sv3_7 Value: 1
.a-mo.net/	1970-01-21 01:32:28	Name: amuid2 Value: 630370ef-b320-4515-a6ff-777f1ad941df
.prebid.a-mo.net/	1970-01-21 01:32:28	Name: sd_amuid2 Value: 630370ef-b320-4515-a6ff-777f1ad941df
.lijit.com/	1970-01-21 01:32:28	Name: ljt_reader Value: HyPUVQZHT4rya9DxQ6mW84lD
.amazon-adsystem.com/	1970-01-20 21:43:30	Name: ad-id Value: A-YJQmMyG0O9gSBxDxnFhSU
.lijit.com/	1970-01-21 01:32:28	Name: _ljtrtb_80 Value: LPW62AIL-T-C3RZ
.rubiconproject.com/	1970-01-21 01:32:28	Name: audit Value: 1\|55xRozOlfVNcHzvr4OtVvlkcwHitwKeOW+OUpowLDoChY2kgYj3j0VcGsJiG2oeQ8ADqoRw/YkciZ07GJqnMnujPGTiJ9gcmpmvllXEtYN4=
.primis.tech/	1970-01-20 17:22:52	Name: csuuid Value: 6572a4cc87071
.intentiq.com/	1970-01-21 02:22:52	Name: IQver Value: 1.9
.intentiq.com/	1970-01-21 02:22:52	Name: intentIQ Value: JrifHAEmkJ
.intentiq.com/	1970-01-20 17:30:04	Name: IQMID Value: 1923935363#1702012108976
.intentiq.com/	1970-01-21 02:22:52	Name: CSDT Value: UEQ6MTUxMDZfMCZUeG96TTlJ
.intentiq.com/	1970-01-21 02:22:52	Name: ASDT Value: 0
.intentiq.com/	1970-01-21 02:22:52	Name: intentIQCDate Value: 1702012108974
.intentiq.com/	1970-01-21 02:22:52	Name: IQPData Value: 1923935363#1702012108971#0#1702012108971
.reurl.cc/	1970-01-21 02:08:28	Name: cto_bundle Value: SgrbPV9MJTJGdFpJUTVINUllSllobmo4QnpSbmtXdDhpRG9EdlJ4cnVrcklSOG1mamlTMUFjcHRKVlYlMkZ1VmdMaDlRS3E0R1R0ZiUyQlpHWkNJdllHUHRXeDViT1BlJTJCMWFkRDQlMkZrSFloMlpzelYzJTJCdjJEQlQzMGN0bzd2bDhVQ0g1emZVVzM2JTJCYjg4ZUZUVmRtSk5rUXBNMktKemFvZyUzRCUzRA

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
deprecation	warning	URL: https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/dlkLFa46YZW.js?_nc_x=Ij3Wp8lg5Kz(Line 276) Message: Listener added for a synchronous 'DOMSubtreeModified' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security	warning	Message: Error with Permissions-Policy-Report-Only header: Unrecognized feature: 'document-domain'.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 504) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=313&ttfrms=4&brid=3&brver=120.0.6099.62&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauC6FC%3D%5D44Tau82~(%7BAU2%3F4r92%3A%3Fl9EEADTbpTauTauC6FC%3D%5D44Tar9EEADTbpTauTaua3g3g_ae75b76_74%60%60hc77a_a_g2ge4e%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=2222&ddur=15&uid=1702012105184488&jsCallback=dvCallback_1702012105184106&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F120.0.6099.62%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=5084&tgjsver=5084&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=11&brh=2&dvp_epl=201&noc=4&nav_pltfrm=Win32&ctx=1828362&cmp=115741&sid=18330&plc=4158900&crt=4015257&btreg=4158900&btadsrv=flashtalking&adsrv=29&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_ftimpid=06F20F1F-7588-B5D2-C4C3-31B6A9C9706F&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=130538183295.81459&ee_dp_sukv=130538183295.81459&dvp_tukv=553133064750.7052&ee_dp_tukv=553133064750.7052&dvp_tuid=195447452089&jurtd=74810111 Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network	error	URL: https://fcm.holmesmind.com/cm.php Message: Failed to load resource: the server responded with a status of 502 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2b8b8026fd3fe0fc1194ff20208a86c6.safeframe.googlesyndication.com
68c355f7-9a7a-4602-ad1f-bb774a29aaa3.t.ssp.hinet.net
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ad.holmesmind.com
ad2.apx.appier.net
ads.stickyadstv.com
adservice.google.com
analytics.google.com
anymind360.com
asset.re-news.tw
bcp.crwdcntrl.net
bidder.criteo.com
blog.alphaloan.co
c.holmesmind.com
cdn-ima.33across.com
cdn.doubleverify.com
cdn.flashtalking.com
cdn.holmesmind.com
cdn.jsdelivr.net
ce.lijit.com
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cm.lndata.com
cnt.trvdp.com
connect.facebook.net
cr-p3.ladsp.com
creditcards.com.tw
csi.gstatic.com
d9.flashtalking.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
external-nrt1-2.xx.fbcdn.net
fcm.holmesmind.com
fcm2.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
go.trvdp.com
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
i0.wp.com
ib.adnxs.com
imasdk.googleapis.com
img.gbyhn.com.tw
img.racingcharger.tw
invstatic101.creativecdn.com
jp-u.openx.net
live.primis.tech
m.holmesmind.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mma.prnasia.com
oa.openxcdn.net
oajs.openx.net
p.trvdp.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.a-mo.net
prebid.scupio.com
pubads.g.doubleclick.net
px.ads.linkedin.com
reurl.cc
rt.ad-score.com
rtb0.doubleverify.com
s-cs.send.microad.jp
s.amazon-adsystem.com
s.trvdp.com
s0.2mdn.net
scontent-nrt1-2.xx.fbcdn.net
secure-assets.rubiconproject.com
secure.flashtalking.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
static.criteo.net
static.wixstatic.com
static.xx.fbcdn.net
stats.g.doubleclick.net
stg.truvidplayer.com
storage.re-news.tw
storage.reurl.cc
sync.intentiq.com
sync1.intentiq.com
t.ssp.hinet.net
tags.crwdcntrl.net
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ae1.doubleverify.com
us-u.openx.net
video-nrt1-2.xx.fbcdn.net
www.facebook.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.rayskyinvest.com
pubads.g.doubleclick.net
video-nrt1-2.xx.fbcdn.net
103.132.192.30
103.43.90.19
104.17.238.194
104.18.35.167
116.50.36.71
124.146.153.164
13.107.42.14
13.113.132.165
13.215.134.10
13.33.174.59
131.153.206.101
139.99.123.206
142.250.196.131
142.250.196.98
142.250.196.99
142.250.198.2
142.250.199.100
142.250.199.106
142.250.206.226
142.250.207.102
142.250.207.2
142.250.207.97
142.251.170.155
142.251.222.34
142.251.222.35
142.251.42.130
142.251.42.136
142.251.42.163
142.251.42.198
143.204.126.128
143.204.86.127
143.204.86.90
151.101.1.55
151.101.129.229
157.240.31.5
157.240.31.8
172.104.121.22
172.217.174.97
172.217.175.110
172.217.175.66
172.217.175.74
172.64.151.101
172.67.150.31
18.136.146.191
18.172.52.87
18.178.12.4
18.65.185.102
18.65.185.129
18.65.185.99
18.65.207.56
182.161.74.1
182.161.74.11
182.161.74.18
192.0.77.2
192.0.78.187
192.0.78.24
2.18.148.226
202.233.84.8
203.75.214.136
210.59.219.34
216.239.32.181
23.208.233.60
23.40.148.48
23.40.149.60
23.61.252.81
3.112.170.251
3.234.113.32
31.13.82.36
31.13.82.7
34.102.146.192
34.111.113.62
34.117.23.234
34.120.107.143
34.120.190.48
34.149.43.113
34.149.98.30
34.95.67.231
34.96.70.87
34.98.64.218
35.185.130.121
35.190.36.98
35.201.76.93
35.208.216.174
35.227.249.156
35.244.196.223
52.192.40.163
52.223.40.198
52.46.130.91
52.77.135.86
54.95.167.198
61.216.47.122
67.220.224.144
69.175.41.79
8.39.36.141
8.39.36.142
8.43.72.98
99.84.133.60
011d8f4627d33f18e7d18df96452ab3a74b6379d52d726f2fef4ec3f21c0be98
01a33f0ff59e28cd463d425548a593e150506f7f0d1c958403bae903f5e8e2e9
01aaadeef1658814287b7107d230d24117c8dc33d3729c4194f47f0980594553
02eae3de8ab25d50a8c9873ff156e29dafdc4bdf380ee5e81c77719b05fa8c2c
07a4e6e29c941243f89b66b95f71169d367abe2df067120a46ed95e522f78914
0912eb76845cca43ec976e9bc886ca3f240697afb98c9ec95ec6c34fa32a8a71
096f85ac6d28eb274e8f6bcffc83c4d3baf2041bd4befd0adea68c566b20c57b
0aa5fee57654ff2fb2cc0bdfe77bde9c0a4d1233bda254d11549e0e2a78f668a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0da91bddc43ad6a7d3308447ca11927e53a09c7bb055d224ce0e0c1f661f5ebe
0e95ea5491ad84c79f99900d5fde104efeeabae87670a84985731bab4e632408
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0efa8291235243ad1438d266932112aecf4e7dca1963545a22d118cbe5d5d6e2
0fab9d8226565c933226a271beae622492261fbed07bbd227add760da1ad9de3
10570da7da236644fe548a5cb6c8502fb620c2ae8128d56886ff9188b5408a23
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
124683208e6ba54f08ac61854fa8eb5f75b91a78d8b05917c7a12403cbffe095
12eb9631172126e161c7840bcabe4b1cce3126f2d5f1ac3b164981eaf25dc8b4
142def09d9dbc6078f880d256cadd2e15f3808f149bfed6163de428ad0ab7d72
146606959451a22e2dfed792b6ed977aa0c67b4a73134684d2ff17bb9096f0f6
154d8959cb53f0d1923d75e9c286f08c95563d1ee80a43decdf9119707334d3b
16cf673198b29bb08e83f5d8f74182d97d9c6dfa729c60f90f6195e739de9d20
1a5bfbcea37051b69ffb51494bca539b16ef2d969086bf4abdef636fc5943679
1ba731fa9f8276454a29bbb9afbf4595fa066f08935a762beceecc4749f90d5b
1cdfea8482ec87dbfecfc0b3914b3e9d90e2c32f7f601261cc79369092894312
1eb91904f5d6045446e6d48cf2bcf58c479cb4563d98bf3e6b52646d405c69b8
208cd6c1ec51a2737c544e3da4166eb917333e9dd588841e599143f7f083de85
2109d5434242fdfaeb5b866fe1999b6ae1180984051f9db3bee726d411e56aef
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
226d20c2725e876a96edabbbad4ca3709478995aac12ff27b7efff45d73d96c1
25715ad3d59c75337fe3341b3a491aedb2eafc2ced4b262af36c9226258d0567
2af9dcd5f220b6aaa7fb46c21e3a9833abce8a1d7953c0591013081dd73c6e57
2b1ade15333112c09efe0c0c66d61e5b222cdbd467505cf5b4ad35ef3dd0e398
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2c3cb5a0833b9412d27f44e06a84fd797180b81e15e99af5d7d8ffa96d1f41e8
2ed789a5d3f376f9b8fb8964d665c3a2e84b923e39bcb8fc5932d9bbd8bba519
2f1ad4ec7176f493b16e0d186f222e3484248cbb48f82289c736a0877f2d5894
2f940657680bd767a223c8dbfae60a9d020adcc30ef92c65f35716064c905359
3050a5556edc5876cd83e63f15e56fe19cb428129345a58d1f57687414504698
3074be46bdfe75cf2e0f6c00cd5bea567fb34f2a49ad0b41a2f79c5c353859e7
3138b8a1a3f91df9c340ac6811dcd05802d5c750fcde85b82bdf51e1175ba9df
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b4d2ac4928b0129a5a969594be92783dbbb13112dd350f128de1b8d7215f30
33d5d5a8b1e2950a0fcccf3f06ef0416f7e8f2f5e229b308c41053a800b439f3
34bae4c4f1b77136c33653279be2487af1ab4ab6772543fda9f2df89a38e7082
35aea5afa69eee0a6a77678f980729d3893f8ff4b2872e749c4b7f6375503710
35cdc36c88648abe9c3a11d67c2e7c283aa2589e8e0a21dae1658551084a03c7
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
3836c4eb13a6f00d12429a48c0c7cec9a973b2e7c89d5e325680b4a4bfdfa923
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39504cc2fb8204b838a70967aee44b53523ffe9ac310faf7258747118aa8e04d
3a4fda7b449ddfa3b11ceb4c715c4c2f042e2cc1949701deb1fb8098d02b9b47
3baaa30865dd2e58abab36c985cc30d8abab9a95635e06dead6481f74ac7b283
3dc6787de4b1097650e4fc18a14d735fbb8e09c5a8159ece51c16593c8cec0e9
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3edb7d7cf4bd2e766e90db553560c32cff5e84208ecb968a441494cbbe087ec3
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40e339b39ab5229aa56624c7df0f88a60ceb6ddce68f0b98b968d8644892af38
418f39d05165d41882ffeaf2ecc8e458c1d4760d6800e5b5820a0ca8b62fbe9e
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
431486b008ef8dcacc621c3f8fd446b9a43db474fc6e1766b4189d71984acfa6
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4372a9b8ce26d68f5c9a53975683bc05d3df25cf5a2e0177569f58258b6be160
43a126083af1bd2689884402323590b7859a00ea93e57fccbf87332f04333553
45444d590a67d30e8b2fde01bb6482f829383b64bf14a4b19b86e22fdc319fbb
45445cdb742ba713feadbb749a2328f90698cc052372bb736682afcb5e7c6345
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4636fb9df5ae103fbad3764c9f98400be1c9384cbe77fdb6951b96adcac788b1
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
470b45980cad690bce770638435856f2414c9c1945c3905e84e78cb18dc75882
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4a8928f1a1c4ad6468088a69d2b6bb573b18dce990f6cffc7f59a0293cefe7c8
4a91cc3d7f0943cabdd61ca1ff8f5e4747c2e81349fbc490de26380a4d817733
4b0d105254d128c213222b1622a49b34a17835b5b9ab56dfd8264cb15855d688
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c3de058e3988d127b109f3c6b6fb7d71e71440bc4a3af4770960cd20948d53a
4cae1a25d86e49521475bc48221489901b3b39d63c07e9889de221bad8d7ac16
4d470af70d38f0b84e8f60bd7788961ed4a3ede26b428ad3bfe85e9331cf82b2
4d5814d56998e79b1e45795f1f23c9d73c5174109bfed2c57bd42102e6f415f2
4d8962e57f0fa84f1e0b262b33727e3242ecd9b9d0d45d30121920a7737ddceb
4da2dc78cc23591a9ee3285ba8f3891fa57b506b7902fbdd35fa5a2172566c55
4df9b60b23dc99b2d8effa62273d522e2c879c50a288eee73784db7eb5016908
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fdd04912129cdb8d227c0be200a5205ccbc49c6851594f80d1df0364ae5d1a2
513d93762ca937b110ca92cf7db91c335eda59630a8fa15c6a0acaaf7538c37e
52bb2d07b65ec544edeb2a33f4103397a28f036f0d100090f3e17e4364aea1fb
53825c87b66d9382629be4243edacbadd423e957926f4e6096a2d64391aa90ee
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
54667157ea4d0ac16ada6434ed26525f856e992220c264a8c733f397e86a9d0a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5609dbd6bd5496a114ca913530c2dd0aecff8502646c438db58251345eda9545
569cde2a2d9c46b8a90a8c4296aa45d9f52a146d7b075f9e5dba7fcc2f03ce2c
5795b76d6ff43423837d4536b1f91e283d790892cc577255cdb5069da72de46d
58c3a23c4f972190b18184acaa9b530823d63347967e06cba16ca2eb005b1739
5ace58115177bd9d342f148f9a2f6ba637b04e74fda103abe156a43f92c1a8c9
5b4e62f16093986a3e1887b92f30892c2a31cdfc5d3f82bf50c49324553db1c8
5cb453452cb7f5355d1d91b93b3305ab04e5d25a8fc005aeb0031c22ad75e283
5d28e955cf2bc7eab352b6053c691492b7436b141829f69b52f3639f86beaa96
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
650c5f605c2706575823936c7fa0ee6026089b324d5fcd2d873b96d40f5307e6
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
669f1bd492f3e253163afa6786b377ce0026c5ae959c90ffcbc3a81c867dd738
66fc160178980987eb06df6c7572ebe2f45ae53924d9d6c040fef6265f08361c
675c68ec272e15adac541942a16ddfa45419f6f959147e4728a4e26c512520ad
68a9a625cd4435359405824316f4caaa0e68f8ec76bfdef2b4974a59510a37c3
68fab14b8c4112c0c8c19d07a8ae62b8de9a03da143bfd3be495b8fbc6e385a1
6b73e1847c6fb498059a5dd1f43b785c41f1e3f7390eace0c963e68d9a627e0e
6c5c2f5471b4fc1f8eb970865aa9206cbf1d6d4d34efce83e6c693def24543fd
6edd68731e514566c05a3e9332505817102a8b5db834a80176856647b4162ad9
7132e1816c1855a2c04c25b9a7f709b650c145369e4341b7c1b86d4093c6290b
7170dfc1482453f027cd78abc4d1a6f05f2dd7cfcb897b770aea8e1362a63507
71f58649cf37e2f58cfaa2eaa1f9e292c721ab462b6bd022dc9e5feb9b8b2ade
723bb40b9d713f8788e6aea3edcb404f8f59ae9d2f7eb24c962906eed26c5023
72e9ecb7db91e5a334caa4e36a70071de2851fe7c5a6e4b1028cc80c5be0fa84
749079c4e18ad34ac381e98d3fa23e070937ae17b73e27bb066eae5350ed667d
7490c495bc701b5f3c822f76f18d9f9842e4c3578b4c8e74937ce49a1ca75546
74b9c2d4a62a1005c38a8b2b95d59507fa67f5334bc56ccf69a82ff99df3fdd2
77bcc9a2018d9882752571a1063ef8fdfdb22353f6dcf019be8d5eff94ee063f
78ec11a4740f0369c1dd9d837cd42e000fbfc2b219fedf4ecfe02f4e02992de4
79d0635ee2b8675bfdf313b1fc5aef3798c52cd3b86f7eb106f6cc94ea2ddae0
7ab05351d1257d38ef4ab7f85492cda992e1f171134f173a90b8eabef358c73f
7ad3018fadcc481cde521f59563f00445e75ddd164cce1a6928632a62b3577a4
7c363a0df8fcfb5937f3ea0fd2d1e6bd6d1a5f7e577184fbd8843a4baa2f7d7d
7caa36a2429987bf28f857262051ba65268681630d763af8489caa70a3a37dd9
805d0eb2cea428ff67346b3767abff28daded90b51c4cfffa712c85f891e1c20
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
82ddcf504e891ea31eac36c9c2c68b0b210c48774017ea9d137dbe6d93f63368
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83b7d2afe243941c2527b2d875836ad2cb864290690dd1b253389de3f7bc7da4
8858be9b4630362194f876af12bf491135b7a9a746be019cb14a490d9e3e6834
890fe1ad2971260df5358930b896f58b3b94b0a24fc83d31c53c46f5ce64c978
8b2c1995d554aa2802ce42ae934b2187dec183b3d31a959ad6dec5a7c9e66ee7
8b8bc4010a374e304ebe69fa345ce460768712d77cbc7a3f816297a675077bd7
8bbb9b2d789b181da8575b96d764b616227826d6635a930a5b8882af586b6dfe
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d1249f16487fc936e14a5751f27641ea4e5f48fb119344b232293698d901d4d
8f73a10773dae7dadd7ca1e735ae7da6028aca748f9d01cff8aeebb462767c6e
90102b36c17b8182fcb580b55b917d4807fb037df4dd104a6815ad305e2bea20
91233986c502d6d056ddd1cd3cfb6161f96133ed2e7dcc316d0b873dee022cc0
940279e36147793b4d86a54a843f9f8b8dcd3f93d5f8e9b6252967580a4a173b
94d523edd701a50db76faf479f4e32f007cbd97ade5339313f1e5a1ef5b35a85
95f2ccb847074153d54e65686ce7e2a10d73ffd705b05300e6a1121d882879f8
96e3e8dfde6b1042514824bac1b44282d4a76bac028f2d767f6534dce2cf3db0
9757be3949a3f3362e256222bfd6c7982587e4284065650121f74a5c89241fb8
9ae57b15404acb39a80b9714a36c43546fe0f25b10567812fd470951f6d95869
9b349818f2c70024b4b27357ce346de1c26da2a733081f91b33dcb663a080241
9bcf8ee7e12dd5a42b927fa0c41c84dc32744c2f99f46a5028ae2067a2581104
9c067c26f5bddfc2d3810a3ada3371fb1f5e2350d76342d4050ab3fc67335964
9c95792b14cad4642ea9bbcb71cd49f6d2d57bd3a53bc1bc8630e26bbd6fd5a7
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9d5497521bfc84947a23dd5687f8629f34ce7d1dd3d37cc83d9c6f14d2af0cb0
9e11962c066339f200a342dfdecd23dab603951d49189e9e84723f3cc2008a67
9e57fedb96b3686621bccd5521f43a2037a823c74f062176952890b179b3955b
9f248f1796561327ef09a67e632ac351ed88a981f1af942cdd66faa4d6597413
9f7994e20f15dcfae344f044a38cf8027c739692e2a78cf740c15b993a73f9dc
9fca2d1e62e2b4cc37b8153e842160dcfc60f58d5421885cf3dc51f2596093e9
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a3adbeca40ebac16516095db3eaa60c0bb59142d2abdf8f8ad6474af0cbb7839
a87feaf65170ded496c597c1f1011a79c39a309e415802b49a3fea32f32dfdb8
aa03eb68227b8878eaceea508be01259496077ec5ed9b375f84c77f577b843ed
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab537e5d1aad79aa80216444bb19c9f009e435a714c7815d7ab071210fccb741
ac516a9085241005aad07c254f56a285f09679eade6ff1f41971914c84ecdde3
ade8f79b49e76a6b813ce37ff78a2689d12d0b14ccbd4f07a204bde958a75965
ae1aeb3602794e3ef049ae89198a70c72fc889ae12c875016a468f4c15a0fd2a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aec688a4af6aa04c9f761a80eeede15e335855823014c61694cb988d30038acd
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b0f0fbf9b3cf511347cdd240a5b9d150a7bda064d49fcef52e4c0b7ef4451ae7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1567c9af517c0e55991081919f4dc2263f00b8deea21f3c94087737d2401fc2
b22620fc4d630726cb3f47fac6ade45801e71c9d90dc6ab148e51dbcc910944e
b29ed02d2a6b27c3b20ec347f6ec77b369499ed94a26079d7f897eafd6b5497c
b31ea2eebf5845a5910d7206bd04a9505e956328277584b8e7414755ef29224d
b457f55c3e857e39d1bfe1af96f5e6800547dc8ccfc93e042fdf79d4f963f508
b4b8365451deb3573d04a81a62d79ca08ada652e5ad78bddd987b5bf30954ad6
b68e2e2ce01e9e10fce144866719f5ad3bd6c37c44f57f7682c20d25e229a33d
b78108bba371998956e5b2af4ebd941f4b53facd3e18feb389844ca25520d3e5
b822ca04c68390804e1bcf3aa32825eb90d4b17a3200b4103bbdaac08fc86b0f
b943416e663e1b110b046b8abd2cd2b8b2cc6267f77293d27d6bc3e31e59cdc8
b97b6a79b734e9323aa8c3847d0b2a1bb5db32fc6a7df92ac69653d1c8ba13c5
b98745699334e83f49350bbf814a657f787ae1d515b8e41df4856ea89dd2f8a1
ba014b41e87e2deda011cf92146d1b1842133b416d5ce0be02719670c0d46e10
ba17ede1117181a80c53cd062b8888bccf458b5d39978b5078172431c3325a22
ba28f54d3ac3c8b623c7c8a0317892d27a10c9c22534d5bed6f9248dde2d1442
baa47cb028f5878356baacb8c2760dbc85b3695c4fe1c346e26b4b978eb0100f
bca7ee31fc622c935a1ba3d3d012111f3aab926dc898ed011513fc7a9145f90e
bcf8f42f390686367155673ac10b31702dd14b03764d9ef4bf1554a2e5a1b459
c0e1d78151251a9ea8212fa34e7a19034fffe668b7099ed44b7b9685add9dca2
c12ca0ed450cdca9f3942e65f175998fadd6f34987d4bc551d4476397cbe87ca
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c73f2b03af16458ad905f45a098d8861ec7b0a2480387a59195b4465aca25d02
c7b4b5dc3ddc85576c11a8d1fe5d82316632454870c40f31616ccc4e249c4fc6
c7d5594f3a599ccd0b1a336bb68a24d59882f394bb0b9c9a29c5200cd2b48468
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda
cfdc54476399fb550e2771333a7f015fe5e36a107e582df87092fc1c88b5fde1
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0c0a6ab2e10cb4061ce00406e53dd6eec2f0753fd20883654b2c13349e088d7
d29329513ba84a542d20f010d69ba5faef25c745d711d2a157d9ace3b62d01a8
d2a51ee8b66355f686294fc584db6191846a7b4d8320ea2697903f75e2a01187
d3dbfcfa0f908c7c34602e8cfcbf21d967fca3b6564c78fabd573e3afae9816d
d3e9995e760cd5403460c2198fbc80e3c8d9fe858406acc41e680a83af85b265
d699116aed4876d388ecc45fa88a6cdef915499ffa2502ea8ec657cf145882e2
d891551f129f5784e720c7807cbd10b8b5aa4a8d9440880c32b521e3b89ca346
da0f675c3f128557e0b6e65cf22fb3841341b3496e50a90e9b8e1c8c01ee5801
dbd47670b0bb46f0bf402a24a3793ed813de07921a104da141c9d68e5f5cd074
dce3a7d75903f3a00ff7b72c2b3f3e34c786c0867a1398caa5212977e721d1b0
dd1b6b445960f258ba30d67d5e7b8572aa0e4911113bde10ef71b21477cfa4ff
ddd9d29beabaeecc9c76408242dfc2b76305ec52511992d3cfbc81a500ee0670
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dee10fdcd26b484406619a49a9148dc00d73e2520c9c80aa1ff9489279d874c4
e07e12baca73f34b8e8b9a4194311ed254370260a79f7abc2a279802cc7a9fbf
e0db260abc2e8d5c0369d7b47cf054c691ea7c7e1ec634ee9121254ed8e8a61a
e13547eec8879c9b576c2e06837303ad06ea15905d4eb075291ff21686a5b3da
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b51c49d428fa8463f46232048c405279e9ef08761bec2d8ca652a5b6f8ca20
e5ee9a2f03497e345314608584d96d320e378e2b54471139aae7a91107e111c0
e6074f2bcbf3414cee5eb2b17ee72ffd0764f748c6b4379e7c646023a29648ce
e68718c41ef1c23f1640623633d26706d9cc4cf198c72be002c8594f9f9efcac
e7035ccf480f22d61ad1a30a6fea5d4cab95f70a76194bcc267e63c51aa1e7d5
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
ea76b764cc79e34aacb5473f624f54f6da49da1d10b00cb931075a6bd0d38c32
eb0110be59431fd3c8942faca7ee241aef70ddc66cc3316b645cc8ae6ca2b70a
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed476fb144e80d913475ec3dacf539d55ae0ac66ccb2d5a794097026a523ab6b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f058f6ec7d9979a1982c57685ff6d0bb327c1ca9db01a749eefe9e59eebc699e
f2415a5fbb844b1c2fdf48ce0bb9dfa2694a153695ca753dc5f84170b334041b
f3c5e5a0064eec4419f514718f35b3eb4ff163a77ebf16445041f5498a84638b
f3ca3118d9eceb4028fb8b62693e34913badaedfc8d62eed83ed744697bf12f9
f6cfe89b284e6a2100a86b8d6b0e52b76b85cc62622a40d63e929f328d883a6a
f72f5b810352a7770cea165cb5e3fd4f7186d103fe25d56c477ec02e8a67a107
f75ada33b07cb31e16a0a0d3325961a22dc9526edb49bff04c31d7b7611f7025
f7676b05cfe6f02323719832d6cd76edd888df6ed67e502cf50de7c8362f3e8d
f7bb9338bf9aa5fbf4675e307003f8dccae4fd8157bcd05f2c285070848ce87b
f8eded175cd5dcfb9c2a05bd3b87782757466192e49961f1ecd28e5c3a7efc1f
f95d603bd99d7ef21ed2ac8f9008ca9c4035dcc30b28e8909b2b884796788c3a
fb4a1ce6dfcba35211052403191f739a43aafef3ebab7af5e3866d02da0e60fe
fcdaa4a9116d5ab88233e3349fea2428f2a4c46b3538900117cef9c8c1d31f0c
fed911d44812ff0b3cef9c56b1913fe36fb108766407154fb5e7d0fdd257238f

reurl.cc Open in urlscan Pro 35.185.130.121 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

407 Requests

90 %HTTPS

0 %IPv6

61 Domains

107 Subdomains

88 IPs

6 Countries

8572 kBTransfer

22605 kBSize

83 Cookies

21 Outgoing links

Redirected requests

407 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

reurl.cc Open in urlscan Pro
35.185.130.121 Public Scan

Screenshot
Live screenshot

Full Image

407
Requests

90 %
HTTPS

0 %
IPv6

61
Domains

107
Subdomains

88
IPs

6
Countries

8572 kB
Transfer

22605 kB
Size

83
Cookies

407 HTTP transactions
8 data transactions